Health Care

Back in December, we wrote about a district court ruling rejecting the Federal Trade Comission’s (“FTC”) motion to enjoin the proposed combination of Thomas Jefferson University (“TJU”) and Albert Einstein Healthcare Network (“Einstein”) that would create an 18-hospital system in the Philadelphia area. The FTC and the Pennsylvania Attorney General had alleged the merger would lead to TJU/Einstein controlling at least 60% of the inpatient GAC hospital services market in a portion of Philadelphia. Following the district court decision, the FTC quickly appealed to the Third Circuit Court of Appeals and filed an emergency motion for a stay pending appeal. Days later, a three-judge panel denied the government’s motion without comment.

The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it will exercise its enforcement discretion for health care providers’ and their business associates’ noncompliance with the HIPAA rules with respect to their good faith use of online or web-based scheduling applications for scheduling COVID-19 vaccination appointments. OCR will not impose penalties for such noncompliance during the COVID-19 nationwide public health emergency.

In our annual webinar, Mintz’s Health Care Enforcement Defense team reviewed the key policy developments, settlements, and court decisions from 2020 and assessed their likely impact in 2021 and beyond.

Despite the threat of COVID-19 paralyzing much of the country in 2020, government health care fraud enforcement continued even though the Department of Justice (DOJ) had the added burden of pursuing COVID-19 related fraud. Mintz’s Health Care Enforcement Defense team has reviewed the key policy issues, statistics, settlements, and court decisions from 2020, and in this report we reflect on those developments and also predict the trends in health care enforcement in 2021 and beyond.

At the end of 2020, the U.S. Department of Health and Human Services Office of Inspector General and Centers for Medicare and Medicaid Services issued final rules modifying and expanding upon the regulatory safe harbors and exceptions to the federal Anti-Kickback Statute and the Stark Law, respectively.

The Food and Drug Administration (FDA) and the National Telecommunications Information Administration (NTIA) in partnership with three domain name registries disabled nearly 30 websites illegally offering opioids for sale. Working together as part of a pilot program jointly created by the Department of Health and Human Services (HHS) and the Department of Commerce (Commerce), FDA and NTIA aim to reduce the availability of unapproved and misbranded opioids illicitly offered for virtual sale. Based on several joint warning letters and the subsequent shuttering of numerous websites illegally selling opioids, it would appear the partnership is a success. Both agencies and the domain registries have committed to continuing this working relationship beyond the pilot program. Time will tell if the continued joint effort reduces the unlawful sale of opioids online and in turn, minimizes the risks associated with the opioid crisis.

In this final post of our blog series on the substantial changes to the regulations implementing the Anti-Kickback Statute (AKS) and the Physician Self-Referral Law (commonly known as the Stark Law), we cover change to (i) key Stark Law terminology, and (ii) the scope and application of the Stark Law exceptions. The Centers for Medicare & Medicaid Services (CMS) finalized new definitions for various key terms used in the Stark Law regulations as well as revisions to existing terms that are generally intended to provide more certainty and flexibility. This post discusses a few of the highlights, but the final regulations contain many others.

On January 19, 2021, significant changes to the regulations implementing the Anti-Kickback Statute (AKS) and the Physician Self-Referral Law (commonly known as the Stark Law) went into effect. The sweeping changes come through two final rules – one issued by the Office of Inspector General (OIG) addressing changes to the AKS and the Beneficiary Inducements CMP, and one issued by the Centers for Medicare & Medicaid Services (CMS) addressing changes to the Stark Law.

In this fifth installment of our blog series covering the changes, we dive into (i) the new AKS safe harbor and Stark Law exception for cybersecurity technology and related services, and (ii) the significant changes to the existing safe harbor and exception for electronic health records (EHR) technology.

Since the beginning of the pandemic, telehealth providers have seen a dramatic increase in demand for their services along with a number of temporary regulatory measures aimed at expanding telehealth access to more patient populations. In this post, we outline some important developments that will bring greater certainty to telehealth providers and suggest that expanded access to telehealth is here to stay.

Although the Biden-Harris Administration that assumed control of the Executive Branch on January 20, 2021 immediately ordered a regulatory freeze of new or pending rules while the new administration gets its bearings (as reported by our colleagues in this post), several important changes to the laws enforced by the Food and Drug Administration (FDA) were recently enacted by Congress. As legislative actions, those changes are of course unaffected by President Biden’s regulatory freeze and so we thought worth a summary to ensure our readers are up to speed on the large amount of activity that occurred in the final weeks of the 116th Congress and the Trump Administration.

With a notably sharply worded opinion, the Fifth Circuit recently vacated over $4.3 million in penalties levied against the University of Texas M.D. Anderson Cancer Center (M.D. Anderson) by the Department of Health and Human Services (HHS) for a series of alleged HIPAA violations. The case stems from three separate incidents that occurred between 2012 and 2013. In two instances, M.D. Anderson workforce members lost unencrypted protected health information (PHI), while the third incident involved the theft of a faculty member’s laptop also containing unencrypted PHI. On appeal, the Fifth Circuit concluded that HHS’s civil monetary penalties order against M.D. Anderson was arbitrary, capricious, and contrary to law, vacating the penalties and pointedly criticizing the agency’s actions and arguments in this matter.

Beyond its harsh words for HHS, this opinion is notable for calling into question some longstanding HHS enforcement practices and interpretations of the HIPAA regulations. The opinion also makes clear that regulated entities should check the math when HHS levies a fine. Although limited in its precedential authority, the Fifth Circuit’s opinion, at the very least, gives HIPAA-regulated entities some new food for thought if faced with an HHS enforcement action.

In the waning days of the Trump administration, the Office for Civil Rights (“OCR”) announced a number of new initiatives, including proposed HIPAA amendments, discussed here, and a very recent COVID-19 related Notice of Enforcement Discretion. Under the Notice of Enforcement Discretion, published on January 19, 2021, OCR announced that it would not impose penalties for non-compliance with HIPAA on covered entities making good faith use of online or web-based applications for COVID-19 vaccination scheduling. With the swearing in of President Biden, these and other regulatory initiatives, including all regulations that have been sent to the Office of the Federal Register, but not yet published, are to be withdrawn until a department or agency head appointed by President Biden reviews and approves the rule.

The U.S. Department of Health and Human’s Services (HHS) Health Resources and Services Administration’s (HRSA) long-awaited administrative dispute resolution (ADR) final rule went into effect last week, on January 13, 2021. The ADR regulations, which have lingered in HHS since 2010, arrive amid increasing tensions and a flood of 340B-related litigation between covered entities, manufacturers, and HHS.

Watch this webinar in which Mintz’s Employment, Labor & Benefits and Health Law attorneys and noted immunologist Dr. Darryl Carter discussed key takeaways from the EEOC’s recently updated vaccination guidance and other COVID-19–related workplace questions.

Politics will have an effect on FDA policies in 2021, including with respect to the ongoing COVID-19 response, manufacturing, compliance, digital health, laboratories, user fees, device servicing, and more.

Mounting anxiety over how to control the spread of infectious disease outbreaks encourages public and political discourse of bioethics.

In a recently decided case, Rutledge v. Pharmaceutical Care Management Association, the U.S. Supreme Court held that the Employee Retirement Income Security Act of 1974 (ERISA) does not preempt an Arkansas statute that regulates reimbursement levels paid by Pharmacy Benefit Managers (PBMs) to local pharmacies.

As we’re all painfully aware, public health issues dominated 2020 and with the country’s attention focused on COVID-19 testing, status, transmission and care, HIPAA went mainstream. Health information became critical not only for health care providers, but for all manner of businesses, employers, property owners, and the national media. HIPAA – or more often than not “HIPPA” – was frequently touted in the news and on social media as the reason why COVID-related information could or could not be shared. As we head into 2021 with the pandemic raging on, the vaccination program underway, and a new administration taking over, here is a look at what we expect for “HIPPA” in 2021.

In addition to the incredible work of agency scientists and reviewers to get the first COVID-19 vaccines authorized for emergency use in December (as we covered in Part 2 of our year-end post), the Food and Drug Administration (FDA) has continued to make substantial progress on its non-COVID priorities as well, which we cover in this part 3 of our year-end post.

Following up on our colleagues’ post earlier this month covering the Food and Drug Administration’s 2020 device law and policy activities, this post will explore prescription drug and biologic law and policy developments over the past year. We’ll also begin looking forward into 2021 and the agency’s transition to an incoming Biden Administration.