Tag: health

Rethinking Transparency – Inpatient Prospective Payment System Final Rule Rescinds Proposed Survey Disclosure Rule

The 2018 Inpatient Prospective Payment System (IPPS)/Long-Term Care Hospital (LTCH) Prospective Payment System (PPS) proposed rule, published in April 2017, contained a controversial provision that would have required accrediting organizations (AOs) that confer deemed status (such as The Joint Commission and DNV) to make all survey reports and acceptable plans of correction publicly available on their websites within 90 days of issuance (Proposed Transparency Rule). While the proposed rule cited the goal of improved transparency and enhancing patient health and safety, hospitals and other health care facilities that rely on AOs for deemed status voiced significant concerns about the unintended consequences of such disclosures, including providing an AO-slanted view of events, placing health care facilities on the defensive regarding corrective actions, the inability to correct misstatements in survey reports, and the risk that the public would not understand the survey process and become unreasonably biased against certain facilities. The Proposed Transparency Rule also garnered comment as Centers for Medicare and Medicaid Services (CMS) does not require itself to make all of its survey reports publicly available in such a short time frame, and does not presently make full plans of correction for all health care facilities readily available to the public.

To the surprise of some in the industry, the 2018 IPPS/LTCH PPS final rule (Final Rule) released on August 2, 2017, withdrew the Proposed Transparency Rule in its entirety, for a reason entirely unrelated to the main arguments that had been raised: potential conflict with Section 1865(b) of the Social Security Act (Act). Section 1865(b) of the Act provides that:

The Secretary may not disclose any accreditation survey (other than a survey with respect to a home health agency) made and released to the Secretary by the American Osteopathic Association or any other national accreditation body, of an entity accredited by such body, except that the Secretary may disclose such a survey and information related to such a survey to the extent such survey and information relate to an enforcement action taken by the Secretary. See 42 USC 1395bb.

CMS indicated in the Final Rule that it was concerned that implementing the Proposed Transparency Rule would “appear as if CMS was attempting to circumvent” the Act by requiring the AOs to release their own survey reports—a concern that was sufficient for the Proposed Transparency Rule to be withdrawn.

Whatever the basis of the decision, AOs, hospitals and health care facilities must prepare for the next effort to make AO and CMS survey and plan of correction information readily available on-line—transparency may have been delayed by the withdrawal of the Proposed Transparency Rule—but it is on the way, like it or not.

This post was written bySandra M. DiVarco  of McDermott Will & Emery.
More legal analysis available at the National Law Review.

US Attorney’s Office in Chicago Announces Creation of Health Care Fraud Unit

Acting US Attorney Joel Levin says the new dedicated unit aims to bring “even greater focus, efficiency, and impact to our efforts in this important area.”

The US Attorney’s Office for the Northern District of Illinois recently announced the creation of a Health Care Fraud Unit—a team of five assistant US attorneys devoted to prosecuting all types of healthcare fraud cases, including fraudulent billing schemes and diversion of controlled substances.

The announcement came just days after the largest US Department of Justice national healthcare fraud enforcement “takedown” action against 412 defendants across 41 federal districts for the alleged participation in schemes involving over $1 billion in fraudulent healthcare billing. Fifteen individuals, including two Chicago-area licensed physicians, are facing federal criminal charges and potential Office of Inspector General (OIG) exclusion as a result of this action.

Nationwide, US Attorney offices have a major role in healthcare fraud enforcement. In Fiscal Year 2016 alone, US Attorney offices opened 975 new criminal healthcare fraud investigations and 930 new civil healthcare fraud investigations.[1] 

While the US Attorney’s Office for the Northern District of Illinois has a long history of prosecuting healthcare fraud cases, the creation of a dedicated unit within the office may have a number of quantifiable effects, including the following:

Rise in Criminal Investigations and Prosecutions. The dedicated unit, comprised of criminal prosecutors, will focus on the criminal prosecution of entities and individuals when the alleged healthcare fraud rises to the level of criminal culpability. As such, there likely will be a rise in investigative activity that includes attempted interviews of potential targets, subjects, or witnesses by government agents; the issuance of grand jury subpoenas; and the execution of search warrants.

In addition, the criminal prosecutors undoubtedly will work closely with government attorneys assigned to the civil division and—to the extent permitted in accordance with grand jury secrecy rules—share certain information with civil division attorneys.

Rise in Enforcement Investigations and Actions. With increased focus, resources, and the sharing of information obtained from criminal investigations, there also may be a rise in the number of civil investigative demands issued to companies in the healthcare industry that are suspected of fraud, waste, and abuse. The US Attorney’s Office for the Northern District of Illinois may become more proactive in its efforts—alongside the OIG—to increase the collection of civil penalties against healthcare organizations and executives.

Rise in Qui Tam Suits. With a dedicated Health Care Fraud Unit, the Northern District of Illinois may become a more attractive venue for whistleblowers seeking to recover under the False Claims Act for alleged fraud, waste, and abuse.

The new Health Care Fraud Unit will operate within the criminal division of the US Attorney’s Office for the Northern District of Illinois. Assistant US Attorney Heather McShain will lead the unit, and Assistant US Attorney Stephen Chahn Lee will serve as senior counsel.

For more Health Care news go to the National Law Review.

[1] See The Department of Health and Human Services and The Department of Justice Health Care Fraud and Abuse Control Program Annual Report for Fiscal Year 2016.

This post was written by Tinos Diamantatos and  Eric W. Sitarchuk of Morgan, Lewis & Bockius LLP.

Eating Disorders are Mental Health Conditions Subject to Parity Law

The Departments of Labor, Treasury and Health and Human Services (Departments) continue to issue FAQs addressing the implementation of the Mental Health Parity and Addiction Equity Act of 2008 (MHPAEA), as amended by the Affordable Care Act and the 21st Century Cures Act (Cures Act). The MHPAEA prohibits group health plans from imposing financial requirements and treatment limitations on mental health and substance use disorder benefits that are more restrictive than the requirements imposed on medical and surgical benefits. The Cures Act requires the Departments to solicit public feedback regarding how to improve required disclosures under the MHPAEA. The FAQs in Part 38 contain the same request for public comment that was in Implementation Part 34, and provide a draft model form that can be used by participants to request information from a health plan regarding nonquantitative treatment limitations (NQTL) that may affect their mental health and substance use disorder benefits, or to obtain documentation after an adverse benefit determination involving these benefits.

In addition, the FAQs provide guidance regarding eating disorder coverage. If a plan provides these benefits, FAQ-1 in Part 38 confirms that the coverage must comply with the MHPAEA. The guidance indicates that “eating disorders are mental health conditions and therefore treatment of an eating disorder is a ‘mental health benefit’ within the meaning of that term as defined by MHPAEA.”  Plans should be reviewed to determine whether financial requirements and treatment limitations placed on eating disorder treatment comply with the parity requirements under the MHPAEA.

This post was written by Sarah Roe Sise of Armstrong Teasdale LLP.

For more legal analysis check out the National Law Review.

Long-Term Effects of Nonfatal Drowning Cannot Be Accurately Predicted

According to the Centers for Disease Control and Prevention (CDC), from 2005-2014, an average of 3,536 fatal unintentional drownings occurred per year in the United States. Approximately one in five people who die from drowning are children 14 years old or younger; children one to four years old have the highest drowning rates.

For every death caused by drowning, five children receive emergency room care for nonfatal drowning injuries. Nonfatal drowning can cause hypoxic-ischemic brain injury that may result in long-term disabilities ranging from memory problems and learning disabilities to total loss of basic functioning (persistent vegetative state).

A recent review study found that neurocognitive outcome of children after drowning incidents cannot be accurately predicted from early examinations and treatment. In the study, researchers sought to:  a) report the main factors related to the outcome of drowned children, and b) present existing evidence of long-term neurologic outcome. While some injuries caused by near drownings become evident shortly after the incident, the evidence showed that the initial neurological examination may not reveal all of the long-term effects related to hypoxic brain injury in young children. Skills such as divided attention and executive functions may be negatively affected after a brain injury caused by a nonfatal drowning. Long-term follow-up of drowned resuscitated children should be undertaken.

The review study showed that the long-term outcome of survived drowning victims depends mainly on the severity of the initial ischemic brain insult, the effectiveness of immediate resuscitation with transfer to the ER, and on the post-resuscitation management in the hospital. The study noted that the most susceptible areas to ischemic injury are vascular end zones, hippocampus, insular cortex, and basal ganglia. With greater severity of hypoxic-ischemia, more extensive and global neocortical injury will occur.

Electroencephalograms (EEG) provide useful information to differentiate between patients with good and poor neurological outcome. However, the accuracy in predicting long-term neurological outcome is lacking. The increased use of neuroimaging techniques such as MRIs can add valuable information. The ability to see the degree of edema and brain swelling is better with an MRI than with a CT scan. But the fact remains that data on long-term follow-up and outcome are scarce.

This post was written by Bruce H. Stern of  Stark & Stark.

The Healthcare Executive’s Simple Guide to FMV For Attorneys, C-Suite, Compliance, and Physicians

Health ABA adsThe ABA has developed a guide for healthcare executives: The Healthcare Executive’s Simple Guide to FMV For Attorneys, C-Suite, Compliance, and Physicians.  This guide has been developed to provide basic information on nearly every type of transaction or compensation arrangement that must adhere to the FMV standard.

Click here to order.

This guide will help healthcare executives navigate nearly every type of FMV opinion for transactions and compensation agreements. Readers will be able to quickly access pertinent material to help better understand and ensure a sound FMV analysis.

The Guide covers:
• Current regulatory environment and guidance behind FMV
• What to ask when engaging an appraiser to help ensure you will get a defensible opinion
• Value drivers behind over 20 of the most common facility transactions and agreement types
• Checklist when reviewing a FMV opinion and the Commercially Reasonable standard

 

CBO Greenlights Telehealth Provisions in Senate’s CHRONIC Care Act

Last week, the Congressional Budget Office (CBO) concluded that a key piece of telehealth legislation, the CHRONIC Care Act of 2017, would not, overall, increase or decrease Medicare spending. This score is significant as it marks the first time that CBO has concluded that providing enhanced Medicare coverage for telehealth services would be budget neutral and clears the path for Congress to pass the legislation in a tough political climate.

american health care actThe CHRONIC Care Act was developed by the Senate Finance Committee’s Bipartisan Chronic Care Working Group. If enacted, the bill would expand Medicare coverage of telehealth services in four ways:

  • Nationwide Coverage for Telestroke – Currently, Medicare will pay a physician for consulting on a patient experiencing acute stroke symptoms via telehealth only if the hospital where the patient is located is in a rural Health Professional Shortage Area (HPSA) or a county outside a Metropolitan Statistical Area (MSA). Under the CHRONIC Care Act, beginning in 2019, the geographic restriction would be eliminated and physicians would receive payment for telestroke consultations regardless of the hospital location.
  • Home Remote Patient Monitoring for Dialysis Therapy – Medicare requires that beneficiaries receiving home dialysis treatments have a monthly clinical assessment from their health care provider. Under current law, beneficiaries can only use telehealth to satisfy the clinical assessment requirement if the patient is at an authorized originating site (e.g., a physician office) located in a rural HPSA or a county outside an MSA. Beginning in 2019, beneficiaries could receive the required monthly clinical assessment from a freestanding dialysis facility or the patient’s home without geographic restriction.
  • Enhanced Telehealth Coverage for ACOs – The CHRONIC Care Act would apply the Next Generation ACO telehealth waiver criterion to the Medicare Shared Savings Program (MSSP) Track II, MSSP Track III, and the Pioneer ACO program. Specifically, the legislation would (i) eliminate the geographic component of the originating site requirement, and (ii) allow beneficiaries assigned to the approved MSSP and ACO programs to receive telehealth services in the home.
  • Increased Flexibility for Telehealth Coverage under Medicare Advantage Plans – Under current law, a Medicare Advantage (MA) plan may provide telehealth benefits beyond those that are currently reimbursed by Medicare. However, these enhanced telehealth services are not separately paid for by Medicare and MA plans must use their rebate dollars to pay for those services as a supplemental benefit. The CHRONIC Care Act would allow an MA plan to offer additional, clinically appropriate, telehealth benefits in its annual bid amount beginning in 2020.

The CHRONIC Care Act has been widely heralded by health care providers as a first step in removing barriers to providing telehealth services to Medicare beneficiaries. In a recent Senate Finance Committee hearing, health care providers voiced their support for greater coverage of telemedicine services. The Senate Finance Committee is in the process of marking up the bill.

This post was written by Carrie Roll of Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

Practicing Telemedicine Across State Borders: New Expedited Licenses Permit Physicians to Expand Practice

In a watershed moment for the expansion of telemedicine, the Interstate Medical Licensure Compact Commission is now processing applications to allow physicians to practice telemedicine across state lines with greater ease. Nineteen states have passed legislation to adopt the Interstate Medical Licensure Compact, which allows physicians to obtain a license to practice medicine in any Compact state through a simplified application process.  Under the new system, participating state medical boards retain their licensing and disciplinary authority, but agree to share information essential to licensing, creating a streamlined process.

The Federation of State Medical Boards’ President and CEO, Humayun Chaudhry, DO, MACP, called the Compact a “milestone” for medical regulation in the United States.  “The launch of the Compact will empower interested and eligible physicians to deliver high-quality care across state lines to reach more patients in rural and underserved communities. This is a major win for patient safety and an achievement that will lessen the burden being felt nationwide as a result of our country’s physician shortage.”

States currently participating in the Compact are Idaho, Montana, Wyoming, Nevada, Arizona, Utah, Colorado, South Dakota, Kansas, Minnesota, Iowa, Wisconsin, Illinois, Mississippi, Alabama, West Virginia, Pennsylvania, New Hampshire, and Nebraska.  Seven additional states have proposed legislation to adopt the Compact, including Washington, D.C.

Most states require a physician to obtain a license to practice medicine in each state where the patient is located at the time of the physician-patient encounter.  Prior to adoption of the Compact, obtaining licensure in a given state was an oppressive task, requiring the physician to complete lengthy applications, submit required documentation, pay fees, and pass examinations.  This proved to be a burdensome restriction for physicians practicing telemedicine, where patients may be located in any state at the time of the physician-patient encounter.  Licensing requirements were identified as a significant barrier to the expansion of telemedicine, prompting introduction of the Compact.

Physicians are eligible to apply for the Compact license if they possess a full and unrestricted license to practice medicine in a Compact state and have not been disciplined by any state medical board, among other requirements.  To apply, the physician must designate a Compact state as the “state of principal licensure” and select the other Compact states in which they would like to become licensed.  The state of principal licensure will verify the physician’s eligibility and provide credential information to the Interstate Commission.  The Interstate Commission then collects applicable fees and transmits the physician’s information to the additional states, where the licenses will then be granted.

Participation in the Compact creates another pathway for licensure, but does not otherwise change a state’s existing Medical Practice Act.  Physicians located in a state that has not adopted the Compact may still obtain licensure in other states through the ordinary licensure process.

This post was written by Marki Stewart at Dickinson Wright PLLC.

Office for Civil Rights (OCR) to Begin Phase 2 of HIPAA Audit Program

Mcdermott Will Emery Law Firm

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) will soon begin a second phase of audits (Phase 2 Audits) of compliance with Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy, security and breach notification standards (HIPAA Standards) as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act. Unlike the pilot audits during 2011 and 2012 (Phase 1 Audits), which focused on covered entities, OCR will conduct Phase 2 Audits of both covered entities and business associates.  The Phase 2 Audit Program will focus on areas of greater risk to the security of protected health information (PHI) and pervasive noncompliance based on OCR’s Phase I Audit findings and observations, rather than a comprehensive review of all of the HIPAA Standards.  The Phase 2 Audits are also intended to identify best practices and uncover risks and vulnerabilities that OCR has not identified through other enforcement activities.  OCR will use the Phase 2 Audit findings to identify technical assistance that it should develop for covered entities and business associates.  In circumstances where an audit reveals a serious compliance concern, OCR may initiate a compliance review of the audited organization that could lead to civil money penalties.

The following sections summarize OCR’s Phase 1 Audit findings, describe the Phase 2 Audit program and identify steps that covered entities and business associates should take to prepare for the Phase 2 Audits.

Phase 1 Audit Findings

OCR audited 115 covered entities under the Phase 1 Audit program, with the following aggregate results:

  • There were no findings or observations for only 11% of the covered entities audited;
  • Despite representing just more than half of the audited entities (53%), health care providers were responsible for 65% of the total findings and observations;
  • The smallest covered entities were found to struggle with compliance under all three of the HIPAA Standards;
  • Greater than 60% of the findings or observations were Security Standard violations, and 58 of 59 audited health care provider covered entities had at least one Security Standard finding or observation even though the Security Standards represented only 28% of the total audit items;
  • Greater than 39% of the findings and observations related to the Privacy Standards were attributed to a lack of awareness of the applicable Privacy Standard requirement; and
  • Only 10% of the findings and observations were attributable to a lack of compliance with the Breach Notification Standards

The Phase 2 Audit Program

Selection of Phase 2 Audit Recipients

Unlike the Phase 1 Audit Program, which focused on covered entities, OCR will conduct Phase 2 Audits of both covered entities and business associates.  OCR has randomly selected a pool of 550–800 covered entities through the National Provider Identifier database and America’s Health Insurance Plans’ databases of health plans and health care clearinghouses.  OCR will issue a mandatory pre-audit screening survey to the pool of covered entities this summer.  The survey will address organization size measures, location, services and contact information.  Based on the responses, the agency will select approximately 350 covered entities, including 232 health care providers, 109 health plans and 9 health care clearinghouses, for Phase 2 Audits.  OCR intends to select a wide range of covered entities and will conduct the audits between October 2014 and June 2015.

OCR will notify and send data requests to the 350 selected covered entities this fall.  The data requests will ask the covered entities to identify and provide contact information for their business associates.  OCR will select the business associates that will participate in the Phase 2 Audits from this pool.

Audit Process

OCR will audit approximately 150 of the 350 selected covered entities and 50 of the selected business associates for compliance with the Security Standards, 100 covered entities for compliance with the Privacy Standards and 100 covered entities for compliance with the Breach Notification Standards.  OCR will initiate the Phase 2 Audits of covered entities by sending the data requests this fall and then initiate the Phase 2 Audits of business associates in 2015.

Covered entities and business associates will have two weeks to respond to OCR’s audit request.  The data requests will specify the content, file names and other documentation requirements, and the auditors may contact the covered entities and business associates for clarifications or additional documentation.  OCR will only consider current documentation that is submitted on time.  Failure to respond to a request could lead to a referral to the applicable OCR Regional Office for a compliance review.

Unlike the Phase 1 Audits, OCR will conduct the Phase 2 Audits as desk reviews with an updated audit protocol and not on-site at the audited organization.  OCR will make the Phase 2 Audit protocol available on its website so that entities may use it for internal compliance assessments.

The Phase 2 Audits will target HIPAA Standards that were sources of high numbers of non-compliance in the Phase 1 Audits, including:  risk analysis and risk management; content and timeliness of breach notifications; notice of privacy practices; individual access; Privacy Standards’ reasonable safeguards requirement; training to policies and procedures; device and media controls; and transmission security.  OCR also projects that Phase 2 Audits in 2016 will focus on the Security Standards’ encryption and decryption requirements, facility access control, breach reports and complaints, and other areas identified by earlier Phase 2 Audits.  Phase 2 Audits of business associates will focus on risk analysis and risk management and breach reporting to covered entities.

OCR will present the organization with a draft audit report to allow management to comment before it is finalized.  OCR will then take into account management’s response and issue a final report.

What Should You Do to Prepare for the Phase 2 Audits?

Covered entities and business associates should take the following steps to ensure that they are prepared for a potential Phase 2 Audit:

  • Confirm that the organization has recently completed a comprehensive assessment of potential security risks and vulnerabilities to the organization (the Risk Assessment);
  • Confirm that all action items identified in the Risk Assessment have been completed or are on a reasonable timeline to completion;
  • Ensure that the organization has a complete inventory of business associates for purposes of the Phase 2 Audit data requests;
  • If the organization has not implemented any of the Security Standards’ addressable implementation standards for any of its information systems, confirm that the organization has documented (i) why any such addressable implementation standard was not reasonable and appropriate and (ii) all alternative security measures that were implemented;
  • Ensure that the organization has implemented a breach notification policy that accurately reflects the content and deadline requirements for breach notification under the Breach Notification Standards;
  • Health care provider and health plan covered entities should ensure that they have a compliant Notice of Privacy Practices and not only a website privacy notice;
  • Ensure that the organization has reasonable and appropriate safeguards in place for PHI that exists in any form, including paper and verbal PHI;
  • Confirm that workforce members have received training on the HIPAA Standards that are necessary or appropriate for a workforce member to perform his/her job duties;
  • Confirm that the organization maintains an inventory of information system assets, including mobile devices (even in a bring your own device environment);
  • Confirm that all systems and software that transmit electronic PHI employ encryption technology or that the organization has a documented the risk analysis supporting the decision not to employ encryption;
  • Confirm that the organization has adopted a facility security plan for each physical location that stores or otherwise has access to PHI, in addition to a security policy that requires a physical security plan; and
  • Review the organization’s HIPAA security policies to identify any actions that have not been completed as required (e.g., physical security plans, disaster recovery plan, emergency access procedures, etc.)
ARTICLE BY

Patrick Callaghan
Daniel F. Gottlieb
Edward G. Zacharias
Of:
McDermott Will & Emery

Hobby Lobby: The Supreme Court’s View and Its Impact

Proskauer

For the second time in two years the United States Supreme Court (the “Court”) hasruled against the Obama Administration with respect to elements of the Affordable Care Act (the “ACA”).  In a 5-4 decision announced today in Burwell v. Hobby Lobby Stores, Inc.  (“Hobby Lobby”) (f/k/a Sebelius v. Hobby Lobby Stores, Inc.), the Court ruled that the federal government, acting through Health and Human Services (“HHS”), overstepped its bounds by requiring faith-based private, for-profit employers to pay for certain forms of birth control that those employers argued contradicted their religious beliefs, in violation of the Religious Freedom Restoration Act of 1993 (“RFRA”).

In Hobby Lobby, the Court found that for-profit employers are “persons” for purposes of the RFRA.  The Court, assuming that the government could show a compelling interest in its desire to provide women with access to birth control, ultimately held that the government could have met this interest in a less burdensome way.

Background

Among its many insurance mandates, the ACA requires non-grandfathered health insurance plans to cover “preventive services” at no cost to participants.

As part of its implementation of the ACA, HHS added 20 contraceptives that were required to be included as preventive services, including four that may have the effect of preventing a fertilized egg from developing.

Hobby Lobby argued that requiring the company to pay for or provide pills and procedures that they believe terminate life—so-called abortifacients—intrudes intrudes on their religious beliefs.   Hobby Lobby sued HHS, asserting that requiring them to pay for or provide abortifacients violated their First Amendment rights to freedom of religion and also violated the RFRA.

The RFRA provides that the federal government “shall not substantially burden a person’s exercise of religion” unless that burden is the least restrictive means to further a compelling governmental interest.  The Administration argued, however, that neither Hobby Lobby nor Conestoga or any other for-profit, faith-based employer was a person for purposes of the RFRA or the First Amendment.

The Decision

Writing for the majority, Justice Samuel Alito held that private—as opposed to publicly traded—employers could be considered “persons” for the RFRA.  The Court noted that the law imposed a substantial burden on religious beliefs, requiring the owners of Hobby Lobby to engage in conduct that “seriously violates their sincere religious beliefs.”

The Court noted that for the government to prevail it needed to demonstrate a compelling state interest and that its application was the least restrictive means to achieve its goals.  The Court assumed (with Justice Kennedy providing the swing vote in his concurrence) that the government does, in fact, have a compelling interest to, among other things, promote “public health” and “gender equality” by providing contraceptive coverage for women. However, the Court found that even assuming a compelling interest there were less restrictive alternatives for the government. The government could, the four-person majority noted, simply provide these benefits to all, without charge to the individuals; in his concurrence, Justice Kennedy questioned this, and noted the Court’s opinion does not decide this issue.  But Kennedy and the four-person majority agreed the government could extend the accommodation it made religiously affiliated employers:  they do not have to provide the benefit but their insurers or third-party administrators would without charge to either the employers or the employees.

Because there are less restrictive alternatives, the Court found that HHS had violated the RFRA as applied to these faith-based, for profit, private employers.

The Impact

The Hobby Lobby ruling has a direct impact on a relatively small number of employers—as a percentage of total employers across the country there are very few that can be considered faith-based employers.

However, the ruling is significant in that it signals an ongoing willingness by the Court to exercise its checks-and-balances power.  The Court indicated it may not provide the Administration much leeway in its implementation of the ACA, when implementation impacts and is limited by other federal rights.

The ruling may also be significant for certain religious-affiliated non-profit employers who are operating under the accommodation discussed above.  By identifying the accommodation as a less restrictive alternative, the Court may be signaling it believes that the exception HHS provided them suffices to meet any concerns they may have.  The Court, however, noted it was not deciding this issue, and the “government-pay” approach tendered by four justices may provide a possible opening for relief for the religious-affiliated non-profit employers.

Finally, the Hobby Lobby decision should stand as a reminder that while there may be differences of opinion about specific rules and requirements under the ACA, and some of those differences may be decided against the government, the law itself is not going away.  Employers need to continue to monitor new developments and implement strategies for complying with the ACA.

Article By:

Peter J Marathas, Jr
Stacey Cerrone
Robert W Rachal
Of:
Proskauer Rose LLP

Proposed Health Information Technology Strategy Aims to Promote Innovation

Sheppard Mullin 2012

On April 7, 2014, the Food and Drug Administration (FDA), in consultation with theOffice of the National Coordinator for Health Information Technology (ONC) and the Federal Communications Commission (FCC) released a draft report addressing a proposed strategy and recommendations on an “appropriate, risk-based regulatory framework pertaining to health information technology.”

This report, entitled “FDASIA Health IT Report: Proposed Strategy and Recommendations for a Risk-Based Framework”, was mandated by Section 618 of the Food and Drug Administration and Innovation Act, and establishes a proposed blueprint for the regulation of health IT.  The FDA, ONC and FCC (the Agencies) noted that risk and controls on such risk should focus on health IT functionality, and proposed a flexible system for categorizing health IT and evaluating the risks and need for regulation for each category.

The Agencies set out four key priority areas: (1) promote the use of quality management principles, (2) identify, develop, and adopt standards and best practices, (3) leverage conformity assessment tools, and (4) create an environment of learning and continual improvement.

The Agencies are seeking public comment on the specific principles, standards, practices, and tools that would be appropriate as part of this regulatory framework.  In addition, the Agencies propose establishing a new Health IT Safety Center that would allow reporting of health IT-related safety events that could then be disseminated to the health IT community.

The Agencies also divided health IT into three broad functionality-based groups: (1) administrative, (2) health management, and (3) medical device. The Agencies noted that health IT with administrative functionality, such as admissions, billing and claims processing, scheduling, and population health management pose limited or no risk to the patient, and as a result no additional oversight is proposed.

Health IT with health management functionality, such as health information and data exchange, data capture and encounter documentation, provider order entry, clinical decision support, and medication management, would be subject the regulatory framework proposed in the report.  In addition, the FDA stated that a product with health management functionality that meets the statutory definition of a medical device would not be subject to additional oversight by the FDA.

The report had a spotlight on clinical decision support (CDS), which provides health care providers and patients with knowledge and person-specific information, intelligently filtered or presented at appropriate times, to enhance health and health care.  The report concluded that, for the most part, CDS does not replace clinicians’ judgment, but rather assists clinicians in making timely, informed, higher quality decisions.  These functionalities are categorized as health management IT, and the report believes most CDS falls into this category.

However, certain CDS software – those that are medical devices and present higher risks – warrant the FDA’s continued focus and oversight.  Medical device CDS includes computer aided detection/diagnostic software, remote display or notification of real-time alarms from bedside monitors, radiation treatment planning, robotic surgical planning and control, and electrocardiography analytical software.

The FDA intends to focus its oversight on health IT with medical device functionality, such as described above with respect to medical device CDS.  The Agencies believe that this type of functionality poses the greatest risk to patient safety, and therefore would be the subject of FDA oversight.  The report recommends that the FDA provide greater clarity related to medical device regulation involving health IT, including: (1) the distinction between wellness and disease-related claims, (2) medical device accessories, (3) medical device CDS software, (4) medical device software modules, and (5) mobile medical apps.

The comment period remains open through July 7, 2014, and therefore the report’s recommendations may change based on comments received by the Agencies. In the meantime, companies in the clinical software and mobile medical apps industry should follow the final guidance recently published by the FDA with respect to regulation of their products.

In the meantime, health information technology companies should follow the final guidance recently published by the FDA with respect to regulation of their products.

Article By:

Stephanie L. Zeppa
Lauren Lewis
Of:
Sheppard, Mullin, Richter & Hampton LLP