Tag: business

In the Weeds? Humira “Patent Thicket” Isn’t an Antitrust Violation

The US Court of Appeals for the Seventh Circuit affirmed that welfare benefit plans that bought the drug Humira did not have valid antitrust claims against the patent owner. The Court found that amassing patents by itself is not enough to give rise to an antitrust claim, and that the welfare benefit plans would need to prove that the patents were invalid. Mayor and City Council of Baltimore, et al. v. AbbVie Inc., et al., Case No. 20-2402 (7th Cir. Aug. 1, 2022) (Easterbrook, Wood, Kirsch, JJ.)

AbbVie owns a patent covering Humira, which is a drug used to treat arthritic and inflammatory diseases. Humira is not covered by the Hatch-Waxman Act because it is a biologic drug, rather than a synthetic drug. Biologics are covered by the Biologics Price Competition and Innovation Act (BPCIA), under which a competitor must ask the US Food and Drug Administration for permission to sell a “biosimilar” drug based on certain guidelines. From the first sale of the original drug, the competitor must wait 12 years to enter the market. If the original drug seller believes that a patent blocks competition and initiates litigation, the competitor is still free to sell its biosimilar drug. The competitor sells at risk of an adverse outcome in the litigation.

The original Humira patent expired in 2016, but AbbVie obtained 132 additional patents related to the drug. After the 12-year BPCIA requirement passed, none of AbbVie’s competitors chose to launch a biosimilar. Instead, competitors settled with AbbVie on terms to enter the US market in 2023. In exchange, AbbVie agreed that enforcement of all 132 of its patents would end in 2023 even if they were not set to expire.

Welfare benefit plans that pay for Humira on behalf of covered beneficiaries accused AbbVie of violating Sections 1 and 2 of the Sherman Antitrust Act. The payors argued that AbbVie’s settlements with potential competitors established a conspiracy that restrained competition in violation of Section 1, and that AbbVie’s “patent thicket” allowed AbbVie to reap unlawful monopoly profits from Humira after expiration of the original patent in violation of Section 2. The district court dismissed the complaint. The payors appealed.

The issue on appeal with respect to Section 2 was whether the payors had to prove that all of AbbVie’s Humira-related patents were invalid. Under the Walker Process antitrust doctrine, a party may be liable for an antitrust violation if it knowingly asserts a fraudulently procured patent in an attempt to monopolize a market. The payors did not argue that all 132 of AbbVie’s patents were fraudulent. The Seventh Circuit reasoned that because the patent laws do not set a cap on the number of patents a person (or company) can hold, the payors would need to prove that each of AbbVie’s 132 Humira-related patents were invalid to succeed in showing a violation under Section 2. Not only did the payors fail to prove that all 132 patents were invalid, but they did not even offer to do so. The Court thus agreed with the district court that AbbVie did not amass a patent thicket to maintain monopoly profits from Humira.

The issue on appeal with respect to Section 1 was whether AbbVie’s settlements with potential biosimilar competitors were anticompetitive. The Seventh Circuit found that the payors could have a Section 1 claim if they were injured by the terms of AbbVie’s settlements with its competitors (for example, by showing that AbbVie overpaid a competitor to defer entry). The terms of AbbVie’s settlements allowed the competitors immediate entry to the European market, and AbbVie agreed to US market entry before its last Humira-related patents expired. The Court found that those terms, as well as the payors’ failure to show that AbbVie overpaid the competitors to delay their entry, rendered the settlements lawful.

The Seventh Circuit therefore affirmed the district court’s dismissal.

Article By Alexandra Lewis of McDermott Will & Emery

For more intellectual property legal news, click here to visit the National Law Review.

© 2022 McDermott Will & Emery

Biden Administration Seeks to Clarify Patient Privacy Protections Post-Dobbs, Though Questions Remain

On July 8, two weeks following the Supreme Court’s ruling in Dobbs v. Jackson that invalidated the constitutional right to abortion, President Biden signed Executive Order 14076 (E.O.). The E.O. directed federal agencies to take various actions to protect access to reproductive health care services,[1] including directing the Secretary of the U.S. Department of Health and Human Services (HHS) to “consider actions” to strengthen the protection of sensitive healthcare information, including data on reproductive healthcare services like abortion, by issuing new guidance under the Health Insurance and Accountability Act of 1996 (HIPAA).[2]

The directive bolstered efforts already underway by the Biden Administration. A week before the E.O. was signed, HHS Secretary Xavier Becerra directed the HHS Office for Civil Rights (OCR) to take steps to ensure privacy protections for patients who receive, and providers who furnish, reproductive health care services, including abortions.[3] The following day, OCR issued two guidance documents to carry out this order, which are described below.

Although the guidance issued by OCR clarifies the privacy protections as they exist under current law post-Dobbs, it does not offer patients or providers new or strengthened privacy rights. Indeed, the guidance illustrates the limitations of HIPAA regarding protection of health information of individuals related to abortion services.

A.  HHS Actions to Safeguard PHI Post-Dobbs

Following Secretary Becerra’s press announcement, OCR issued two new guidance documents outlining (1) when the HIPAA Privacy Rule may prevent the unconsented disclosure of reproductive health-related information; and (2) best practices for consumers to protect sensitive health information collected by personal cell phones, tablets, and apps.

(1) HIPAA Privacy Rule and Disclosures of Information Relating to Reproductive Health Care

In the “Guidance to Protect Patient Privacy in Wake of Supreme Court Decision on Roe,”[4] OCR addresses three existing exceptions in the HIPAA Privacy Rule to the disclosure of PHI without an individual’s authorization and provides examples of how those exceptions may be applied post-Dobbs.

The three exceptions discussed in the OCR guidance are the exceptions for disclosures required by law,[5]  for purposes of law enforcement,[6] or to avert a serious threat to health or safety.[7]

While the OCR guidance reiterates that the Privacy Rule permits, “but does not require” disclosure of PHI in each of these exceptions,[8] this offers limited protection that relies on the choice of providers whether to disclose or not disclose the information. Although these exceptions are highlighted as “protections,” they expressly permit the disclosure of protected health information. Further, while true that the HIPAA Privacy Rule itself may not compel disclosure (but merely permits disclosure), the guidance fails to mention that in many situations in which these exceptions apply, the provider will have other legal authority (such as state law) mandating the disclosure and thus, a refusal to disclose the PHI may be unlawful based on a law other than HIPAA.

Two of the exceptions discussed in the guidance – the required by law exception and the law enforcement exception – both only apply in the first place when valid legal authority is requiring disclosure. In these situations, the fact that HIPAA does not compel disclosure is of no relevance. Certainly, when there is not valid legal authority requiring disclosure of PHI, then HIPAA prohibits disclosure, as noted as in the OCR guidance.  However, in states with restrictive abortion laws, the state legal authorities are likely to be designed to require disclosure – which HIPAA does not prevent.

For instance, if a health care provider receives a valid subpoena from a Texas court that is ordering the disclosure of PHI as part of a case against an individual suspected of aiding and abetting an abortion, in violation of Texas’ S.B. 8, then that provider could be held in contempt of court for failing to comply with the subpoena, despite the fact that HIPAA does not compel disclosure.[9] For more examples on when a covered entity may be required to disclose PHI, please see EBG’s prior blog: The Pendulum Swings Both Ways: State Responses to Protect Reproductive Health Data, Post-Roe.[10]

Notably, the OCR guidance does provide a new interpretation of the application of the exception for disclosures to avert a serious threat to health or safety. Under this exception, covered entities may disclose PHI, consistent with applicable law and standards of ethical conduct, if the covered entity, in good faith, believes the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. OCR states that it would be inconsistent with professional standards of ethical conduct to make such a disclosure of PHI to law enforcement or others regarding an individual’s interest, intent, or prior experience with reproductive health care. Thus, in the guidance, OCR takes the position that if a patient in a state where abortion is prohibited informs a health care provider of the patient’s intent to seek an abortion that would be legal in another state, this would not fall into the exception for disclosures to avert a serious threat to health or safety.  Covered entities should be aware of OCR’s position and understand that presumably OCR would view any such disclosure as a HIPAA violation.

(2) Protecting the Privacy and Security of Individuals’ Health Information When Using Personal Cell Phones or Tablets

OCR also issued guidance on how individuals can best protect their PHI on their own personal devices. HIPAA does not generally protect the privacy or security of health information when it is accessed through or stored on personal cell phones or tablets. Rather, HIPAA only applies when PHI is created, received, maintained, or transmitted by covered entities and business associates. As a result, it is not unlawful under HIPAA for information collected by devices or apps – including data pertaining to reproductive healthcare – to be disclosed without consumer’s knowledge.[11]

In an effort to clarify HIPAA’s limitation to protect such information, OCR issued guidance to protect consumer sensitive information stored in personal devices and apps.[12] This includes step-by-step guidance on how to control data collection on their location, and how to securely dispose old devices.[13]

Further, some states have taken steps to fill the legal gaps to varying degrees of success. For example, California’s Confidentiality of Medical Information Act (“CMIA”) extends to “any business that offers software or hardware to consumers, including a mobile application or other related device that is designed to maintain medical information.”[14] As applied, a direct-to-consumer period tracker app provided by a technology company, for example, would fall under the CMIA’s data privacy protections, but not under HIPAA. Regardless, gaps remain as the CMIA does not protect against a Texas prosecutor subpoenaing information from the direct-to-consumer app. Conversely, Connecticut’s new reproductive health privacy law,[15] does prevent a Connecticut covered entity from disclosing reproductive health information based on a subpoena, but Connecticut’s law does not apply to non-covered entities, such as a period tracker app. Therefore, even the U.S.’s most protective state privacy laws do not fill in all of the privacy gaps.

Alongside OCR’s guidance, the Federal Trade Commission (FTC) published a blog post warning companies with access to confidential consumer information to consider FTC’s enforcement powers under Section 5 of the FTC Act, as well as the Safeguards Rule, the Health Breach Notification Rule, and the Children’s Online Privacy Protection Rule.[16] Consistent with OCR’s guidance, the FTC’s blog post reiterates the Biden Administration’s goal of protecting reproductive health data post-Dobbs, but does not go so far as to create new privacy protections relative to current law.

B.  Despite the Biden Administration’s Guidance, Questions Remain Regarding the Future of Reproductive Health Privacy Protections Post-Dobbs

Through E.O. 14076, Secretary Becerra’s press conference, OCR’s guidance, and the FTC’s blog, the Biden Administration is signaling that it intends to use the full force of its authorities – including those vested by HIPAA – to protect patient privacy in the wake of Roe.

However, it remains unclear how this messaging will translate to affirmative executive actions, and how successful such executive actions would be. How far is the executive branch willing to push reproductive rights? Would more aggressive executive actions be upheld by a Supreme Court that just struck down decades of precedent permitting access to abortion? Will the Biden Administration’s executive actions persist if the administration changes in the next Presidential election?

Attorneys at Epstein Becker & Green are well-positioned to assist covered entities, business associates, and other companies holding sensitive reproductive health data understand how to navigate HIPAA’s exemptions and interactions with emerging guidance, regulations, and statutes at both the state and Federal levels.

Ada Peters, a 2022 Summer Associate (not admitted to the practice of law) in the firm’s Washington, DC office and Jack Ferdman, a 2022 Summer Associate (not admitted to the practice of law) in the firm’s Boston office, contributed to the preparation of this post. 

[1] 87 Fed. Reg. 42053 (Jul. 8, 2022), https://bit.ly/3b4N4rp.

[2] Id.

[3] HHS, Remarks by Secretary Xavier Becerra at the Press Conference in Response to President Biden’s Directive following Overturning of Roe v. Wade (June 28, 2022), https://bit.ly/3zzGYsf.

[4] HHS, Guidance to Protect Patient Privacy in Wake of Supreme Court Decision on Roe (June 29, 2022),  https://bit.ly/3PE2rWK.

[5] 45 CFR 164.512(a)(1)

[6] 45 CFR 164.512(f)(1)

[7] 45 CFR 164.512(j)

[8] Id.

[9] See Texas S.B. 8; e.g., Fed. R. Civ. Pro. R.37 (outlining available sanctions associated with the failure to make disclosures or to cooperate in discovery in Federal courts), https://bit.ly/3BjX4I2.

[10] EBG Health Law Advisor, The Pendulum Swings Both Ways: State Responses to Protect Reproductive Health Data, Post-Roe (June 17, 2022), https://bit.ly/3oPDegl.

[11] A 2019 Kaiser Family Foundation survey concluded that almost one third of female respondents used a smartphone app to monitor their menstrual cycles and other reproductive health data. Kaiser Family Foundation, Health Apps and Information Survey (Sept. 2019), https://bit.ly/3PC9Gyt.

[12] HHS, Protecting the Privacy and Security of Your Health Information When Using Your Personal Cell Phone1 or Tablet (last visited Jul. 26, 2022), https://bit.ly/3S2MNWs.

[13] Id.

[14] Cal. Civ. Code § 56.10, Effective Jan. 1, 2022, https://bit.ly/3J5iDxM.

[15] 2022 Conn. Legis. Serv. P.A. 22-19 § 2 (S.B. 5414), Effective July 1, 2022, https://bit.ly/3zwn95c.

[16] FTC, Location, Health, and Other Sensitive Information: FTC Committed To Fully Enforcing the Law Against Illegal Use and Sharing of Highly Sensitive Data (July 11, 2022), https://bit.ly/3BjrzNV.

Article By Alaap B. Shah, Allen R. Killworth, Marylana Saadeh Helou, and Devon Minnick of Epstein Becker & Green, P.C.

For more privacy-related legal news, click here to visit the National Law Review.

©2022 Epstein Becker & Green, P.C. All rights reserved.

U.S. Government Pursues More Aggressive Action to Curb Espionage at Universities

The U.S. Governmental Accountability Office (GAO) thinks the FBI and other agencies are not doing enough to address the espionage threat on U.S. university campuses. It issued a report, “Enforcement Agencies Should Better Leverage Information to Target Efforts Involving U.S. Universities” on June 14, 2022, urging the FBI, the Department of Homeland Security, and the Department of Commerce to step up their outreach efforts to address the threat. Commerce, DHS, and FBI have all concurred with GAO’s recommendations. As a result, U.S. colleges and universities to face yet another organizational risk: an increase in campuses visits by export control and law enforcement agents.

The threat: U.S. export control laws consider the disclosure to non-U.S. persons of technology, software, or technical data to be exports, even if the disclosure occurs in the United States.

The overwhelming majority of non-U.S. persons studying and working at U.S. universities are not security risks and are valued members of their academic organizations. But U.S. intelligence agencies have long warned that foreign state actors actively acquire sensitive national security data and proprietary technology from U.S. universities.

A lot of the technology flow abroad from U.S. universities is perfectly legal, for two reasons: First, most university research, even in cutting-edge technology, is exempt from export controls under an exemption known as “fundamental research.” Second, even in cases where the fundamental research exemption does not apply, it takes time for the U.S. government agencies to add new items to the export control lists they enforce; namely the U.S. Munitions List, administered by the U.S. Department of State, Directorate of Defense Trade Controls; and the Commerce Control List, administered by the U.S. Department of Commerce, Bureau of Industry and Security.

But at the same time, either through inadvertence or outright espionage, unlawful transfers of technology to foreign nationals take place. A 2006 report by the U.S. Office of the National Counterintelligence Executive found that a significant quantity of export controlled U.S. technology is released to foreign nationals in the United States unlawfully each year.

Clash of values: One important issue for higher education in addressing trade controls compliance is cultural in nature. U.S. universities value open, collaborative environments which drive and accelerate innovation. For those institutions, the idea of cutting off information flows conflicts with those cultural norms. By contrast, U.S. export controls aim to protect U.S. national security by hindering the flow of sensitive information to potential adversaries.

GAO’s recommendations: The GAO report recommends that U.S. trade control agencies take more aggressive steps to curb foreign access to sensitive technologies at U.S. universities. The recommendations include steps to enhance risk assessment and ranking of universities by risk, and steps to increase agency cooperation in planning and conducting outreach visits to universities. As a direct result of this report, U.S. universities are going to receive more visits from U.S. government agents.

Practical takeaways:

  • Universities: Consider reevaluating your risk. The threat has evolved, and the U.S. government response is also evolving. A risk evaluation using modern tools such as a premortem can help you know where to dedicate resources to update your export control policies, procedures, and training. Any unlawful escape of technology or technical data are much more likely to be detected and punished under the new regime, in part based on the GAO report. Organizations have to evolve with the threat.
  • Students, faculty, and administrators: Consider how to jealously guard your academic freedom, but be wary of the national security risks of sensitive technology falling into the wrong hands.
  • Research sponsors: More and more U.S. university research is sponsored by U.S. companies and government agencies. Research sponsorship agreements play a major role in striving for both national security and academic goals of the U.S. university system. Sponsors need to be sensitive to how these agreements are drafted. Sponsors must be aware of the espionage threat to their technology. But imposing too many restrictions in the contract may undermine the applicability of the fundamental research exemption and hinder the success of the project.

Conclusion: In the face of organizational threats, institutions do best when they heed their values. In the realm of protecting sensitive technology, we must constantly evolve with the threat. But we must also continue to carefully balance national security considerations with our bedrock values of academic freedom and openness.

Article By J. Scott Maberry of Sheppard, Mullin, Richter & Hampton LLP

For more government and administrative legal news, click here to visit the National Law Review.

Copyright © 2022, Sheppard Mullin Richter & Hampton LLP.

A Summary of Inflation Reduction Act’s Main Energy Tax Proposals

On August 7, the Senate passed the Inflation Reduction Act of 2022 (the “IRA”). The IRA contains a significant number of climate and energy tax proposals, many of which were previously proposed in substantially similar form by the House of Representatives in November 2021 (in the “Build Back Better Act”).

Extension and expansion of production tax credit

Section 45 of the Internal Revenue Code provides a tax credit for renewable electricity production. To be eligible for the credit, a taxpayer must (i) produce electricity from renewable energy resources at certain facilities during a ten-year period beginning on the date the facility was placed in service and (ii) sell that renewable electricity to an unrelated person.[1] Under current law, the credit is not available for renewable electricity produced at facilities whose construction began after December 31, 2021.

The IRA would extend the credit for renewable electricity produced at facilities whose construction begins before January 1, 2025. The credit for electricity produced by solar power –which expired in 2016—would be reinstated, as extended by the IRA.

The IRA would also increase the credit from 1.5 to 3 cents per kilowatt hour of electricity produced.

A taxpayer would be entitled to increase its production tax credit by 500% if (i) its facility’s maximum net output is less than 1 megawatt, (ii) it meets the IRA’s prevailing wage and apprenticeship requirements,[2] and (iii) the construction of its facility begins within fifty-nine days after the Secretary publishes guidance on these requirements.

In addition, the IRA would add a 10% bonus credit for a taxpayer (i) that certifies that any steel, iron, or manufactured product that is a component of its facility was produced in the United States (the “domestic content bonus credit”) or (ii) whose facility is in an energy community (the “energy community bonus credit”).[3]

Extension, expansion, and reduction of investment tax credit

Section 48(a) provides an investment tax credit for the installation of renewable energy property. The amount of the credit is equal to a certain percentage (described below) of the property’s tax basis. Under current law, the credit is limited to property whose construction began before January 1, 2024.

The IRA would extend the credit to property whose construction begins before January 1, 2025. This period would be extended to January 1, 2035 for geothermal property projects. The IRA would also allow the investment tax credit for energy storage technology, qualified biogas property, and microgrid controllers.

The IRA would reduce the base credit from 30% to 6% for qualified fuel cell property; energy property whose construction begins before January 1, 2025; qualified small wind energy property; waste energy recovery property; energy storage technology; qualified biogas property; microgrid controllers; and qualified facilities that a taxpayer elects to treat as energy property. For all other types of energy property, the base credit would be reduced from 10% to 2%.

A taxpayer would be entitled to increase this base credit by 500% (for a total investment tax credit of 30%) if (i) its facility’s maximum net output is less than 1 megawatt of electrical or thermal energy, (ii) it meets the prevailing wage and apprenticeship requirements, and (iii) its facility begins construction within fifty-nine days after the Secretary publishes guidance on these requirements.

In addition, a taxpayer would be entitled to a 10% domestic content bonus credit and 10% energy community bonus credit (subject to the same requirements as for bonus credits under section 45). The IRA would also add a (i) 10% bonus credit for projects undertaken in a facility with a maximum net output of 5 megawatts and is located in low-income communities or on Indian land, and (ii) 20% bonus credit if the facility is part of a qualified low-income building project or qualified low-income benefit project.

Section 45Q (Carbon Oxide Sequestration Credit)

Section 45Q provides a tax credit for each metric ton of qualified carbon oxide (“QCO”) captured using carbon capture equipment and either disposed of in secure geological storage or used as a tertiary injection in certain oil or natural gas recovery projects.  While eligibility for the section 45Q credit under current law requires that projects begin construction before January 1, 2026, the IRA would extend credit eligibility to those carbon sequestration projects that commence construction before January 1, 2033.

The IRA would increase the amount of tax credits for projects that meet certain wage and apprenticeship requirements. Specifically, the IRA would increase the amount of section 45Q credits for industrial facilities and power plants to $85/metric ton for QCO stored in geologic formations, $60/metric ton for the use of captured carbon emissions, and $60/metric ton for QCO stored in oil and gas fields.  With respect to direct air capture projects, the IRA would increase the credit to $180/metric ton for projects that store captured QCO in secure geologic formations, $130/metric ton for carbon utilization, and $130/metric ton for QCO stored in oil and gas fields.  The proposed changes in the amount of the credit would apply to facilities or equipment placed in service after December 31, 2022.

The IRA also would decrease the minimum annual QCO capture requirements for credit eligibility to 1,000 metric tons (from 100,000 metric tons) for direct air capture facilities, 18,750 metric tons (from 500,000 metric tons) of QCO for an electricity generating facility that has a minimum design capture capacity of 75% of “baseline carbon oxide” and 12,500 metric tons (from 100,000 metric tons) for all other facilities.  These changes to the minimum capture requirements would apply to facilities or equipment that begin construction after the date of enactment.

Introduction of zero-emission nuclear power production credit

The IRA would introduce, as new section 45U, a credit for zero-emission nuclear power production.

The credit for a taxable year would be the amount by which 3 cents multiplied by the kilowatt hours of electricity produced by a taxpayer at a qualified nuclear power facility and sold by the taxpayer to an unrelated person during the taxable year exceeds the “reduction amount” for that taxable year.[4]

In addition, a taxpayer would be entitled to increase this base credit by 500% if it meets the prevailing wage requirements.

New section 45U would not apply to taxable years beginning after December 31, 2032.

Biodiesel, Alternative Fuels, and Aviation Fuel Credit

The IRA would extend the existing tax credit for biodiesel and renewable diesel at $1.00/gallon and the existing tax credit for alternative fuels at $.50/gallon through the end of 2024.  Additionally, the IRA would create a new tax credit for sustainable aviation fuel of between $1.25/gallon and $1.75/gallon.  Eligibility for the aviation fuel credit would depend on whether the aviation fuel reduces lifecycle greenhouse gas emissions by at least 50%, which corresponds to a $1.25/gallon credit (with an additional $0.01/gallon for each percentage point above the 50% reduction, resulting in a maximum possible credit of $1.75/gallon). This credit would apply to sales or uses of qualified aviation fuel before the end of 2024.

Introduction of clean hydrogen credit

The IRA would introduce, as new section 45V, a clean hydrogen production tax credit. To be eligible, a taxpayer must produce the clean hydrogen after December 31, 2022 in facilities whose construction begins before January 1, 2033.

The credit for the taxable year would be equal to the kilograms of qualified clean hydrogen produced by the taxpayer during the taxable year at a qualified clean hydrogen production facility during the ten-year period beginning on the date the facility was originally placed in service, multiplied by the “applicable amount” with respect to such hydrogen.[5]

The “applicable amount” is equal to the “applicable percentage” of $0.60. The “applicable percentage” is equal to:

  • 20% for qualified clean hydrogen produced through a process that results in a lifecycle greenhouse gas emissions rate between 2.5 and 4 kilograms of CO₂e per kilogram of hydrogen;

  • 25% for qualified clean hydrogen produced through a process that results in a lifecycle greenhouse gas emissions rate between 1.5 and 2.5 kilograms of CO₂e per kilogram of hydrogen;

  • 4% for qualified clean hydrogen produced through a process that results in a lifecycle greenhouse gas emissions rate between 0.45 and 1.5 kilograms of CO₂e per kilogram of hydrogen; and

  • 100% for qualified clean hydrogen produced through a process that results in a lifecycle greenhouse gas emissions rate of less than 0.45 kilograms of CO₂e per kilogram of hydrogen.

A taxpayer would be entitled to increase this base credit by 500% if (i) it meets the prevailing wage and apprenticeship requirements or (ii) it meets the prevailing wage requirements, and its facility begins construction within fifty-nine days after the Secretary publishes guidance on the prevailing wage and apprenticeship requirements.

FOOTNOTES

[1] All references to section are to the Internal Revenue Code.

[2] The IRA would require new prevailing wage and apprenticeship requirements to be satisfied in order for a taxpayer to be eligible for increased credits. To satisfy the prevailing wage requirements, a taxpayer would be required to ensure that any laborers and mechanics employed by contractors or subcontractors to construct, alter or repair the taxpayer’s facility are paid at least prevailing local wages with respect to those activities. To satisfy the apprenticeship requirements, “qualified apprentices” would be required to construct a certain percentage of the taxpayer’s facilities (10% for facilities whose construction begins before January 1, 2023 and 15% for facilities whose construction begins on January 1, 2024 or after). A “qualified apprentice” is a person employed by a contractor or subcontractor to work on a taxpayer’s facilities and is participating in a registered apprenticeship program.

[3] An “energy community” is a brownfield site; an area which has (or had at any time after December 31, 1999) significant employment related to the extraction, processing, transport, or storage of coal, oil, or natural gas; and a census tract in which a coal mine closed or was retired after December 31, 1999 (or an adjoining census tract).

[4] A “qualified nuclear power facility” is any nuclear facility that is owned by the taxpayer, that uses nuclear energy to produce electricity, that is not an “advanced nuclear power facility” as described in section 45J(d)(1),  and is placed in service before the date that new section 45U is enacted.

“Reduction amount” is, for any taxable year, the amount equal to (x) the lesser of (i) the product of 3 cents multiplied by the kilowatt hours of electricity produced by a taxpayer at a qualified nuclear power facility and sold by the taxpayer to an unrelated person during the taxable year and (ii) the amount equal to 80% of the excess of the gross receipts from any electricity produced by the facility (excluding an advanced nuclear power facility) and sold to an unrelated person during the taxable year; (y) over the amount equal to the product of 2.5 cents multiplied by the kilowatt hours of electricity produced by the taxpayer at a qualified nuclear power facility and sold by the taxpayer to an unrelated person during the taxable year.

[5] “Qualified clean hydrogen” is hydrogen that is produced (i) through a process that results in a lifecycle greenhouse gas emissions rate of no more than 4 kilograms of CO₂e per kilogram of hydrogen, (ii) in the United States, (iii) in the ordinary course of the taxpayer’s trade or business, (iv) for sale or use, and (v) whose production and sale or use is verified by an unrelated party. The IRA does not explain what “verified by an unrelated party” means.

Article By David S Miller, Amanda H Nussbaum, Martin T Hamilton, J. Tyler Moser, and Rita N. Halabi of Proskauer Rose LLP

For more tax law legal news, click here to visit the National Law Review.

© 2022 Proskauer Rose LLP.

Do You Have a College Student? Important Healthcare, Financial, and Educational Documents That They (and You) Need

August is upon us and you may soon be sending children off to college. If your child is age 18 or older, you and your child will need to take some simple steps so that, in the event of an emergency, you will be able to make health care and financial decisions for your child and have access to your child’s medical information and financial accounts. The same is true if you are to have access to your child’s educational records.

Medical Information. Once your child reaches age 18, your child is deemed to be an adult by law and you no longer have a legal right to make health care decisions on behalf of your child or to access your child’s health care information. As a result, if you have an adult child, your child must execute certain legal documents naming you as his or her health care agent and permitting you to access his or her medical information:

  1. Your child must execute a “Health Care Proxy” naming you as his or her agent for health care decisions. In this document, your child authorizes you to make health care decisions on your child’s behalf if he or she becomes unable to make or communicate such decisions him or herself. The child may also share his or her own wishes regarding medical treatment.
  2. Your child must also sign a “HIPAA Authorization Form.” The Health Insurance Portability & Accountability Act of 1996 (generally known as “HIPAA”) protects the privacy of an individual’s medical information, and health care providers may require written consent from a patient to share information with family members, including parents of an adult child. Your child’s college or university may also have policies in place preventing it from sharing medical information without the student’s consent. This form will serve as written permission authorizing those providing health care services to your child to share medical information with you as your child’s health care agent.
  3. In addition, you should be in contact with the health services department of your child’s college or university. The institution may provide its own form for authorizing the release of medical information that can be kept on record with the institution’s health services department.

Financial Accounts. If you are to have the ability to act on behalf of your adult child with respect to financial matters, your child also needs to execute a “Durable Power of Attorney” naming you as your child’s agent with respect to the child’s assets and finances. If your child is attending college away from home, is studying abroad, or undergoes a medical emergency, it may be useful for you to access your child’s accounts on his or her behalf. This allows you to pay bills for a child out of their accounts, make deposits and open or close accounts. In addition, a durable power of attorney allows you to handle other financial tasks for the child, like filing tax returns or renewing a lease.

Educational Records. Finally, the Family Educational Rights and Privacy Act (FERPA) protects the educational records of a child who has turned 18 or is enrolled at a postsecondary institution from access by his or her parents. If the child’s parents claim the child as a dependent on their tax returns, the parents may still access the child’s education records without the child’s consent. However, institutions may be reluctant to allow access to education records for any child over the age of 18 without a “FERPA Waiver” signed by the child, regardless of their status as a dependent. If you would like to have access to your child’s educational records, you should contact the institution to request a FERPA Waiver form.

Article By John H. Ramsey and Kerry L. Spindler of Goulston & Storrs

For more public education and services legal news, click here to visit the National Law Review.

2022 Goulston & Storrs PC.

Judge Approves $92 Million TikTok Settlement

On July 28, 2022, a federal judge approved TikTok’s $92 million class action settlement of various privacy claims made under state and federal law. The agreement will resolve litigation that began in 2019 and involved claims that TikTok, owned by the Chinese company ByteDance, violated the Illinois Biometric Information Privacy Act (“BIPA”) and the federal Video Privacy Protection Act (“VPPA”) by improperly harvesting users’ personal data. U.S. District Court Judge John Lee of the Northern District of Illinois also awarded approximately $29 million in fees to class counsel.

The class action claimants alleged that TikTok violated BIPA by collecting users’ faceprints without their consent and violated the VPPA by disclosing personally identifiable information about the videos people watched. The settlement agreement also provides for several forms of injunctive relief, including:

  • Refraining from collecting and storing biometric information, collecting geolocation data and collecting information from users’ clipboards, unless this is expressly disclosed in TikTok’s privacy policy and done in accordance with all applicable laws;
  • Not transmitting or storing U.S. user data outside of the U.S., unless this is expressly disclosed in TikTok’s privacy policy and done in accordance with all applicable laws;
  • No longer pre-uploading U.S. user generated content, unless this is expressly disclosed in TikTok’s privacy policy and done in accordance with all applicable laws;
  • Deleting all pre-uploaded user generated content from users who did not save or post the content; and
  • Training all employees and contractors on compliance with data privacy laws and company procedures.

Article By the Privacy and Cybersecurity Practice Group at Hunton Andrews Kurth

For more privacy and cybersecurity legal news, click here to visit the National Law Review.

Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.

Which Business Entity is Right For You: Sole Proprietorship, Partnership, LLC, C-Corporation, or S-Corporation?

Introduction

Are you getting ready to launch your business? Or maybe you’re currently operating one and wondering what legal structure is best to use. There are a number of different legal entities to choose from. And each has its own set of pros and cons.

To determine which business entity is the best fit, you’ll want to see which one most applies to your situation and then carefully go over the pros and cons. It’s also a great idea to speak with your tax professional and an attorney.

Some things that will affect your decisions, and your long-term success, are liability protection, taxation, the complexity of management, annual requirements, and the ability to raise money from investors, if applicable.

What are the options?

New businesses in the US have a choice of five basic structures:

  • C-Corporation
  • LLC (Limited Liability Company)
  • S-Corporation
  • Sole Proprietorship
  • Partnership (aka General Partnership)

You’ll want to learn about each business structure and decide which best suits your needs. We’ll explain each type below and will also go over how they are different from each other.

Corporation (aka C-Corporation)

  • A Corporation is a separate legal entity created by state law. A Corporation is formed by filing a document called the Articles of Incorporation. This document is filed in the state where the entity is doing business and is filed with the Secretary of State or a similar government agency.
  • A Corporation must designate a Registered Agent in order to receive service of process and state correspondence.
  • By default, a Corporation is taxed under subchapter C of the Internal Revenue Code. This is often why Corporations are referred to as C-Corporations.
  • On the other hand, a Corporation can elect to be taxed as an S-Corporation (aka being taxed under subchapter S of the Internal Revenue Code) by filing Form 2553 with the IRS.
  • If the Corporation is taxed in its default status (taxed as a C-Corporation), the Corporation will face double taxation. Essentially, the Corporation is taxed at the corporate level on its profits. And then the Shareholders are taxed again, at the individual level, after they receive distributions (their share of profit).
  • C-Corporations are also responsible for paying state corporate income tax, if applicable, where they are domiciled and/or transacting business.
  • Corporations also have statutory requirements, such as electing a board of directors, designating corporate offers, holding annual meetings, and recording meeting minutes.
  • Corporations are not commonly used by small business owners. Instead, they are used by larger companies or tech startups often looking to raise venture capital from investors.

LLC (Limited Liability Company)

  • An LLC, aka Limited Liability Company, is a separate legal entity created by state law. An LLC is often formed by filing a document called the Articles of Organization. However, depending on the state, this form is also known as the Certificate of Organization or Certificate of Formation. This document is filed in the state where the entity is doing business and is filed with the Secretary of State or a similar government agency.
  • An LLC must also designate, and maintain, a Registered Agent. A Registered Agent must be located in the state where the LLC is formed. For example, if an LLC is formed in Texas, it must designate a Registered Agent in Texas.
  • The LLC is unique when it comes to tax treatment by the IRS. This means, there is no “LLC tax classification”. Instead, the LLC is taxed based on the number of owners. Alternatively, the LLC can make an election with the IRS, requesting to be taxed as a Corporation (C-Corporation or S-Corporation).
  • An LLC with one owner is known as a Disregarded Entity. This simply means the IRS “looks through” the LLC; looks at who the owner is, and taxes the individual or company accordingly. For example, if an American taxpayer is the single owner of an LLC, the LLC will be taxed as a Sole Proprietorship. If the LLC is owned by two or more people, the LLC will be taxed as a Partnership. And if the LLC is owned by another company, it will be taxed as a branch/division of the parent company.
  • And alternatively, the LLC can elect to be taxed as either a C-Corporation (by filing Form 8832) or an S-Corporation (by filing Form 2553).
  • LLCs taxed as Sole Proprietorship, Partnerships, and S-Corporations are all known as pass-through entities. This means there is no corporate-level taxation (company-level taxation). Instead, the taxes flow through to the owners and are reported and paid on their personal tax returns.
  • In the more uncommon setup – an LLC taxed as a C-Corporation – the LLC would face double taxation, just like a regular Corporation would.
  • And while an LLC may be able to be used for estate planning purposes, it’s often wiser to have your LLC owned by your trust(s). Of course, it’s best to speak with an estate planning attorney on such a matter.
  • In summary, for many small business owners, LLCs are the “best of all worlds”. They receive liability protection, just like a Corporation, but they are, by default, pass-through tax entities. And if the LLC would like to be subject to corporate tax treatment by the IRS, the LLC can make the necessary election. Said another way, while providing liability protection to its owners, the LLC can pretty much choose how it would like to be taxed.
  • LLCs also have more flexible management options and don’t have as many formal, and annual requirements, such as Corporations.
  • LLCs are the most popular type of business entity in the United States, mostly because of their flexibility and the personal liability protection they offer to owners.

S-Corporation (aka S Corp)

  • An S-Corporation is unique because it is not a legal entity, like an LLC or a Corporation. Instead, it’s a tax election made with the IRS.
  • It’s easier to think of it this way: The S-Corporation tax election “sits on top of” a state-level entity, such as an LLC or Corporation.
  • This is one of the most common myths with S-Corporations. People think you can just “form” an S-Corp. You simply cannot. There is no state or federal filing to “form” an S-Corp. Instead, one must first form an LLC or Corporation, and then timely file Form 2553 with the IRS to request to be taxed under Subchapter S of the Internal Revenue Code.
  • Once the IRS grants the elective status, it’s common to refer to the entity as an S-Corporation and its owners as Shareholders.
  • For most, the primary reason to explore S-Corp tax treatment is to save money on self-employment taxes.
  • Owners of an S-Corporation must take a “reasonable salary” (which is subject to self-employment taxes), but any remaining profit can be taken as a distribution (which isn’t subject to self-employment taxes). And that’s the main appeal of S-Corporations right there.
  • It’s important to keep in mind that with an S-Corporation, you must regularly run payroll, withhold taxes, file quarterly payroll returns (federal and state), hire a bookkeeper (or manage your own books), keep an accurate balance sheet (since it’s required to be filed with the IRS), file a corporate tax return (Form 1120S, K-1s for shareholders/owners, and any additional Schedules), and hire an accountant if you don’t have one already.
  • All of the above costs money. And those costs – which average $2,000 – $4,000 for small business owners – need to be compared to the potential self-employment tax savings; in order to make sure the S-Corp tax treatment makes sense.
  • S-Corporations can be owned by US citizens, US trusts (depending on how they’re taxed), US estates, US resident aliens, and US tax-exempt organizations.
  • S-Corporations cannot be owned by Non-US residents (aka non-resident aliens), foreign companies, C-Corporations, Partnerships, financial institutions, or insurance companies.
  • If you’re considering having your entity taxed as an S-Corporation, it’s important to speak with an accountant to make sure the extra cost – and additional filing requirements – are worth the self-employment tax savings. Having your business entity taxed as an S-Corporation can be a good idea for some, but isn’t necessarily a good idea for everyone.

Sole proprietorship

  • A Sole Proprietorship is an informal “business structure” with one owner.
  • There is no paperwork to file with the Secretary of State, or a similar government agency, to create a Sole Proprietorship.
  • You simply are a Sole Proprietorship once you engage in business activities, or engage in activities with the goal of making money.
  • A Sole Proprietor can do business under their own name or they can file a DBA (Doing Business As) Name. For example, John Doe can do business under his name, John Doe, or he can file a DBA called “John’s Painting Company”.
  • The advantage of a Sole Proprietorship is that they are easy to set up.
  • And taxes are pretty straightforward with a Sole Proprietorship. The owner will simply file a Schedule C and report their business income (or loss) on their personal tax return.
  • The largest disadvantage of Sole Proprietorship is that there is no liability protection for the owner. In the eyes of the law, the owner and their business are one and the same. If the business is involved in a lawsuit, the owner’s personal assets (home, cars, bank account, etc.) could be used to settle business debts and liabilities.
  • Another disadvantage of a Sole Proprietorship is that if you eventually form an LLC or Corporation, there is no official “conversion” filing. So you basically have to start all over again – filing paperwork with the state, getting an EIN (Federal Tax ID Number), opening a business bank account, etc. So if you’re on the fence, between an LLC or Sole Proprietorship, for example, it’s often easier to just form an LLC.
  • However, if you believe your business has a low liability risk and you don’t have money to form an LLC or Corporation, starting your business as a Sole Proprietorship may be the best method to getting your business off the ground.

General Partnership (aka Partnership)

  • A General Partnership (Partnership) is pretty much a Sole Proprietorship with 2 or more people. Said another way, it’s an informal “business structure” with multiple owners.
  • In most states, there is no paperwork to file with the Secretary of State, or a similar government agency, to create a General Partnership (there are few states though that require General Partnerships to register).
  • A Partnership can do business under the names of the owners or it can file a DBA (Doing Business As) Name.
  • The advantage of a General Partnership is that it is easy to set up.
  • Partnership taxes are not as straightforward as with a Sole Proprietorship though. For instance, the Partnership must file a Form 1065 and issue K-1s to the partners. Then the partners report their K-1 income on their personal tax returns.
  • The largest disadvantage of a Partnership is that there is no liability protection for the owners. Again, in the eyes of the law, the owners and their businesses are one and the same. If the business is involved in a lawsuit, the owner’s personal assets (home, cars, bank accounts, etc.) could be used to settle business debts and liabilities.
  • While a Partnership may be a good way to save money and get a business off the ground, most people quickly shift to a legal business entity, like an LLC or Corporation.

Choosing the best entity structure for your business

  • Generally speaking, the LLC is the most adaptable corporate structure, and for that reason the most popular choice in the U.S. The LLC can pretty much choose how it would like to be taxed by the IRS, all while providing its owners’ personal liability protection.
  • Having said that, some owners may elect for their LLC to be taxed as an S-Corporation to save money on self-employment taxes.
  • Or larger businesses (or those raising money) may prefer to form a Corporation, especially if they have large healthcare expenses.
  • And while Sole Proprietorships and General Partnerships may be good to start off with, owners may quickly outgrow them or not feel comfortable with the lack of personal liability protection.

Conclusion

Choosing the best legal entity for your business is a game of weighing the pros and cons. Things to consider are liability protection for the owners, tax treatment by the IRS, and the reporting requirements, among other things. Typically, larger companies or those raising money from investors opt for the Corporation, while most small business owners choose to form an LLC.

Article By Matt Horwitz of LLC University

For more corporate and business legal news, click here to visit the National Law Review.

© Copyright 2010 LLC University

Law Firm Specialization: Why It Matters

While in theory, the idea of casting a wider net may lead you to believe that you’ll catch more fish, the truth is it doesn’t always apply to business. When it comes to catching customers, the more you appeal to one specific kind of customer, the higher your success rate, and the more qualified you’ll be at what you do. Practicing law is no exception. In today’s age, more and more law firms are starting to recognize legal specialization as a necessity for tapping into their target market. Not only does it benefit clients, but it also benefits legal professionals. 

Benefits for Lawyers

Better Client Relationships

When you specialize in an area of law, you intimately know your niche, whether that be corporate law, health law, criminal law, environmental law, or international law.  As such, you can provide the best possible representation to your clients and better pinpoint solutions to their problems as a certified specialist. Exclusively specializing also means that you are well informed of all of the latest updates, news, legal issues, strategies, and changes in that area of law. When compared to having a general understanding of the law, this is a tremendous benefit to your clients since you offer tailored legal guidance unique to their circumstances. A law practice that has handled hundreds of cases similar to their clients’ can anticipate and navigate the nuances of such a case on a much deeper level than someone who doesn’t have the same kind of experience under their belt.

Less Competition

As an expert in a very specific area of law, you effectively position yourself as the easy choice to opt for you over a competing attorney with a more generalized approach. In essence, your competitor pool shrinks significantly. General practice attorneys with a wide breadth of practice areas are going to be competing with every other such law office within a ten-mile (or more) radius. Yet, if your law practice specializes in boat accident cases, you’re likely one of few options, if any, in your respective region, thereby lowering your marketing costs, and potentially increasing client acquisition volume for this legal specialization. Assuming your reputation is top notch, the more specific you can be about your legal services, the more challenging it is for competitors to keep up with you.

Improved Visibility

Law firms that choose to specialize don’t just stand out, but are often featured in publications related to their practice area. The more you can partner with local businesses that are related to or adjacent to your area of expertise, the greater your sphere of influence. For instance, if your practice focuses solely on estate planning for the highly wealthy, you’ll likely opt to leave business cards where the wealthy are bound to spend time, like country clubs, civic clubs or auctions. Get creative with candidates in your referral network; it’ll pay dividends over the lifetime of your business.

Greater Satisfaction

As the saying goes, “do something that you love and you’ll never work another day in your life.” When choosing what you want to specialize in, consider an area that speaks to you on an emotional and even philanthropic level. One of the benefits of choosing a niche is doing something that you truly enjoy day in and day out. Not only will you get a real sense of fulfillment on the best days of your profession but clients can easily sense when your practice area originated from a true passion of yours. Plus, it’s always more advantageous to be a big fish in a small pond as opposed to a small fish in a big one.

Increased Expertise

Expertise involves becoming a thought leader in your area of law. Naturally, mastery requires experience. Attorneys who bounce between different types of cases don’t have the same familiarity with the nuances and challenges as someone who handles the same type of legal representation every time. While it’s always a good idea to have legal malpractice insurance, specializing in one niche area of expertise may also lessen the chances of your law firm having to put it to use. When you are recognized as an expert in your specialization area, you don’t just attract more clients, but you also win more referrals through client trust.

Better Efficiency

Completing the same workflows and legal documents over and over again in quick succession equates to faster completion, since you know them inside and out. As such, specialized lawyers can master the administrative side of running their law firm in a fraction of the time.

In today’s legal climate, more and more legal professionals are turning to automation tools to streamline recurring processes such as client intake and billing. Time-consuming document generation, for instance, can now be done in a matter of seconds rather than hours thanks to automated workflows.

Greater Profitability

When your practice is specialized you’ll increase your value thanks to the power of referrals.  Concentrating on one type of case brings extra knowledge and experience to the table that clients yearn for, who will in turn refer you to their friends and family. Since 80% of a law firm’s business typically comes from referrals, the more targeted you are, the more your practice may benefit from word of mouth.

As a result of your greater understanding of the inner workings of certain cases, you’ll develop a strong reputation for getting clients the results they’re after, ultimately increasing your overall profitability. The more you can offer experience paired with efficiency, the more work you can take on, increasing your overall revenue.

Benefits for Clients

Improved Guidance

When a client seeks out a legal professional that is well versed and focused on their particular needs, they in return receive much better guidance for their specific context. Beyond the legal support that a specialist offers, also comes a deeper understanding of the emotional needs of their client. For more turbulent cases such as divorce cases or immigration, a specialized lawyer can be an enormous benefit to the mental well being of those they have trusted with their case.

Increased Network

Specialists have a wide network of other experts that they can use to the client’s advantage. Because they have a more comprehensive list of contacts to support their case, clients have greater access to leading experts who can provide adjacent services and even strengthen their case.

Better Success Rate

There’s a reason why general practitioners in the medical field typically don’t perform spinal surgery — because it requires unique skills. The same logic can be applied to law. Attorneys specializing in a particular field generally have a higher rate of winning cases in court or settling successfully. Specialized lawyers who see the same case types day in and day out can offer a much higher success rate based on experience and dedication. Those who hire specialized attorneys generally are more at ease knowing they’re in good hands when it comes to their legal proceedings.

When is a Good Time to Consider Specialization?

It can be unnerving to dive into specialization from a generalized legal focus, so it’s important that you read the room first. In order to ensure that whatever you choose to specialize in will deliver the kind of demand that you hope for, answer the following questions using the data at your disposal:

  • What trends are you seeing in the types of cases you currently manage?
  • What is your success rate in those cases?
  • How satisfied were the clients?
  • Which cases have been the most lucrative for you?

If you notice that you take on a considerable amount of one type of case that’s yielding happy clients, then it’s a good indication that it would make a great choice to specialize in. If you don’t feel like you have the experience or know-how to call yourself an authority on one particular niche yet, then allow yourself more time to grow.

Ultimately, there is no defining moment that is the same for every lawyer who chooses to specialize. It all comes down to how much knack and drive you have for one kind of legal resource.

How to Identify Your Specialization Niche

1. Create a Vision

Every achievement starts with a vision. Your vision will be the very foundation of your overall success, and how you are perceived as a brand. When creating your vision, take into account not only your skills but also what drives you. How do you see yourself representing your clients and what do you hope to achieve for them? Are you passionate about one type of law specifically, such as civil rights, intellectual property, or family law? What do you love about practicing law and why? Let these answers be your guiding light when forming a vision for how you hope to stand out.

2. Consider Your Experience

First and foremost, it’s ill-advised to choose a niche that you have no experience in. Choosing to specialize in something that you aren’t well versed in would not only be setting yourself up for failure, but it’s a risk to any potential clients who choose to come your way.

One of the greatest tools you have for narrowing down your choices is consulting with other more experienced lawyers and mentors. Ask them for their advice based on personal stories, recommendations, and experience-based guidance.

Talk to other lawyers that specialize in the area you’re considering and pick their brains. Be direct and ask the questions that matter most like:

  • What are the biggest challenges in this area of law?
  • What are the greatest rewards?
  • What is the success rate?
  • What are the long-term implications?

When you hear about the advantages that law firm specialization can offer, it may be tempting to jump in head first. Yet, it’s important to step back and assess all of your choices. Weigh out the pros and cons, and go back to your overall vision.

Rushing in too quickly can lead to prematurely pigeon-holing yourself into something that ultimately restricts you from your full potential and passions.

Pick a Specialization and Pursue it

There are many advantages to becoming a specialized legal professional. If you can manage to pick a niche and master it, you won’t just find yourself with less competition, but you’ll have a greater devotion to practicing law.

Article By Sarah Bottorff of Lawmatics

For more business of law legal news, click here to visit the National Law Review.

©2022 — Lawmatics

Are You Ready for 2023? New Privacy Laws To Take Effect Next Year

Five new state omnibus privacy laws have been passed and will go into effect in 2023. Organizations should review their privacy practices and prepare for compliance with these new privacy laws.

What’s Happening?

While the US currently does not have a federal omnibus privacy law, states are beginning to pass privacy laws to address the processing of personal data. While California is the first state with an omnibus privacy law, it has now updated its law, and four additional states have joined in passing privacy legislation: Colorado, Connecticut, Utah, and Virginia. Read below to find out if the respective new laws will apply to your organization.

Which Organizations Must Comply?

The respective privacy laws will apply to organizations that meet particular thresholds. Notably, while most of the laws apply to for-profit businesses, we note that the Colorado Privacy Act also applies to non-profits. There are additional scope and exemptions to consider, but we provide a list of the applicable thresholds below.

The California Privacy Rights Act (CPRA) – Effective January 1, 2023

The CPRA applies to for-profit businesses that do business in California and meet any of the following:

  1. Have a gross annual revenue of over $25 million;
  2. Buy, receive, or sell the personal data of 100,000 or more California residents or households; or
  3. Derive 50% or more of their annual revenue from selling or sharing California residents’ personal data.

Virginia Consumer Data Protection Act (CDPA) – Effective January 1, 2023

The CDPA applies to businesses in Virginia, or businesses that produce products or services that are targeted to residents of Virginia, and that:

  1. During a calendar year, control or process the personal data of at least 100,000 Virginia residents, or
  2. Control or process personal data of at least 25,000 Virginia residents and derive over 50% of gross revenue from the sale of personal data.

Colorado Privacy Act (CPA) – Effective July 1, 2023

The CPA applies to organizations that conduct business in Colorado or produce or deliver commercial products or services targeted to residents of Colorado and satisfy one of the following thresholds:

  1. Control or process the personal data of 100,000 Colorado residents or more during a calendar year, or
  2. Derive revenue or receive a discount on the price of goods or services from the sale of personal data, and process or control the personal data of 25,000 Colorado residents or more.

Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTPDA) – Effective July 1, 2023

The CTPDA applies to any business that conducts business in the state, or produces a product or service targeted to residents of the state, and meets one of the following thresholds:

  1. During a calendar year, controls or processes personal data of 100,000 or more Connecticut residents, or
  2. Derives over 25% of gross revenue from the sale of personal data and controls or processes personal data of 25,000 or more Connecticut residents.

Utah Consumer Privacy Act (UCPA) – Effective December 31, 2023

The UCPA applies to any business that conducts business in the state, or produces a product or service targeted to residents of the state, has annual revenue of $25,000,000 or more, and meets one of the following thresholds:

  1. During a calendar year, controls or processes personal data of 100,000 or more Utah residents, or
  2. Derives over 50% of the gross revenue from the sale of personal data and controls or processes personal data of 25,000 or more Utah residents.

The Takeaway 

Organizations that fall under the scope of these respective new privacy laws should review and prepare their privacy programs. The list of updates may involve:

  • Making updates to privacy policies,
  • Implementing data subject request procedures,
  • How your business is handling AdTech, marketing, and cookies,
  • Reviewing and updating data processing agreements,
  • Reviewing data security standards, and
  • Providing training for employees.

Article By Eva J. Pulliam, Christine Chong, and Destiny Planter of ArentFox Schiff LLP

For more privacy and cybersecurity legal news, click here to visit the National Law Review. 

© 2022 ArentFox Schiff LLP

Medicare CERT Audits and How to Prepare for Them

CERT audits are an unfortunate part of doing business for healthcare providers who accept Medicare. Failing the audit can mean the provider has to pay back overcharges and be subjected to increased scrutiny in the future. 

The best way to be prepared for a CERT audit is to have a compliance strategy in place and to follow it to the letter. Retaining a healthcare lawyer to craft that strategy is essential if you want to make sure that it is all-encompassing and effective. It can also help to hire independent counsel to conduct an internal review to ensure the compliance plan is doing its job.

When providers are notified of a CERT audit, hiring a Medicare lawyer is usually a good idea. Providers can fail the audit automatically if they do not comply with the document demands.

What is a CERT Audit?

The Comprehensive Error Rate Testing (CERT) program is an audit process developed by the Centers for Medicare and Medicaid Services (CMS). It is administered by private companies, called CERT Contractors, which work with the CMS. Current information about those companies is on the CMS website.

The CERT audit compares a sampling of bills for Medicare fee-for-service (FFS) payments, which were sent by the healthcare provider to its Medicare Administrative Contractor (MAC), against medical records for the patient. The audit looks at whether there is sufficient documentation to back up the claim against Medicare, whether the procedure was medically necessary, whether it was correctly coded, and whether the care was eligible for reimbursement through the Medicare program.

Every year, the CERT program audits enough of these FFS payments – generally around 50,000 per year – to create a statistically significant snapshot of inaccuracies in the Medicare program.

The results from those audits are reported to CMS. After appropriately weighing the results, CMS publishes the estimated improper payments or payment errors from the entire Medicare program in its annual report. In 2021, the CMS estimated that, based on data from the CERT audits, 6.26 percent of Medicare funding was incorrectly paid out, totaling $25.03 billion.

The vast majority of those incorrect payments, 64.1 percent, were marked as incorrect because they had insufficient documentation to support the Medicare claim. Another 13.6 percent were flagged as medically unnecessary. 10.6 percent was labeled as incorrectly paid out due to improper coding. 4.8 percent had no supporting documentation, at all. 6.9 percent was flagged as incorrectly paid for some other reason.

The CERT Audit Process

Healthcare providers who accept Medicare will receive a notice from a CERT Contractor. The notice informs the provider that it is being CERT audited and requests medical records from a random sampling of Medicare claims made by the provider to its MAC.

It is important to note that, at this point, there is no suspicion of wrongdoing. CERT audits examine Medicare claims at random.

Healthcare providers have 75 days to provide these medical records. Failing to provide the requested records is treated as an audit failure. In 2021, nearly 5 percent of failed CERT audits happened because no documentation was provided to support a Medicare claim.

Once the CERT Contractor has the documents, its team of reviewers – which consists of doctors, nurses, and certified medical coders – compares the Medicare claim against the patient’s medical records and looks for errors. According to the CMS, there are five major error categories:

  • No documentation

  • Insufficient documentation

  • Medical necessity

  • Incorrect coding

  • Other

Errors found during the CERT audit are reported to the healthcare provider’s MAC. The MAC can then make adjustments to the payments it sent to the provider.

Potential Repercussions from Errors Found in a CERT Audit

CERT audits that uncover errors in a healthcare provider’s Medicare billings lead to recoupments of overpayments, future scrutiny, and potentially even an investigation for Medicare fraud.

When the CERT audit results are brought to the MAC’s attention, the MAC will adjust the payments that it made to the provider. If the claims led to an overpayment, the MAC will demand that money back.

But Medicare Administrative Contractors (MACs) can go further than just demanding restitution for overpayments. They can also require prepayment reviews of all of the provider’s future Medicare claims, and can even suspend the provider from the program, entirely.

Worse still, CERT audits that uncover indications of Medicare fraud may be reported to a law enforcement agency for further review. This can lead to a criminal investigation and potentially even criminal charges.

Appealing a CERT Audit’s Results

With penalties so significant, healthcare providers should seriously consider hiring a lawyer to appeal the results of a CERT audit.

Appeals are first made to the MAC, requesting a redetermination of the audit results. The request for redetermination has to be made within 120 days of receiving notice of the audit results. However, if the provider wants to stop the MAC from recouping an overpayment in the meantime, it has to lodge the request within 30 days.

Providers can appeal the results of the redetermination, as well. They can request a reconsideration by a Qualified Independent Contractor within 180 of the redetermination, or within 60 days to stop the MAC’s recoupment process.

Providers who are still dissatisfied can appeal the case to an administrative law judge, then to the Medicare Appeals Council, and finally to a federal district court for review.

How to Handle a CERT Audit

The best way to handle and to prepare for a CERT audit is to hire Medicare audit attorneys to guide you through the process. It would also help to start internal audits within the company.

For providers who have been notified that they are under an audit, getting a lawyer on board immediately is essential. An experienced healthcare attorney can conduct a thorough internal investigation of the claims being audited. This can uncover potential problems before the audit points them out, giving the healthcare provider the time it needs to prepare its next steps.

Providers who are not currently being audited can still benefit from an attorney’s guidance. Whether by drafting a compliance plan that will prepare the provider for an inevitable CERT audit or by conducting an internal investigation to see how well a current compliance plan is performing, a lawyer can make sure that the provider is ready for an audit at a moment’s notice.

Taking these preventative steps soon is important. CMS put the CERT audit program on halt for the coronavirus pandemic, but that temporary hold was rescinded on August 11, 2020. While the CMS has reduced the sample sizes that will be used for its 2021 and 2022 reports, it will likely go back to the original numbers after that. Healthcare providers should prepare for this increased regulatory oversight appropriately.

Article By Dr. Nick Oberheiden of Oberheiden P.C.

For more litigation legal news, click here to visit the National Law Review.

Oberheiden P.C. © 2022