On October 17, 2019, the Department of Health and Human Services (HHS) published proposed rules to update the regulatory Anti-Kickback Statute (AKS) safe-harbors and exceptions to the Physician Self-Referral (PSR) Law, known commonly as the Stark Law (AKS proposed rule available here; PSR proposed rule available here). In an earlier blog post, we described each of the proposed rules. Among the proposed changes are a new safe harbor/exception that would generally permit entities to donate certain cybersecurity technology and related services to physicians, subject to compliance with the conditions described below. In the preamble to each proposed rule, the HHS Office of Inspector General (OIG) (which published the AKS proposed rule) and the Centers for Medicare and Medicaid Services (CMS) (which published the PSR proposed rule) noted that cyber-attacks in the health care industry are on the rise and cybersecurity technology can be cost-prohibitive for some providers. Both OIG and CMS stated their hope that the proposed rules will improve overall cybersecurity in the health care industry and reduce instances of data breaches resulting from cyber-attacks.
Continue Reading HHS Proposes Changes to Permit Donation of Cybersecurity Technology
Healthcare Technology
HHS Issues Favorable Advisory Opinion for Online Health Care Directory Charging Per-Click Fees
On September 5, 2019, the Department of Health and Human Services (HHS) Office of the Inspector General (OIG) issued OIG Advisory Opinion 19-04 (Advisory Opinion). The Requestor asked OIG if providing an online health care provider directory (Directory) to federal health care program beneficiaries (beneficiaries) would violate the Anti-Kickback Statute (AKS) or constitute a prohibited Beneficiary Inducement. The online directory would allow beneficiaries to search and book medical appointments, and the Requestor would charge health care professionals a per-click or per-booking fee to be listed in the directory. The directory would also allow sponsored advertisements for which health care professionals would pay a per-impression or per-click fee for such advertisements. The OIG indicated that the arrangement would not violate the Beneficiary Inducement prohibitions, and although it may generate remuneration prohibited by the AKS, OIG would not impose sanctions on the Requestor because the risk for federal health care program fraud or abuse is low.
Continue Reading HHS Issues Favorable Advisory Opinion for Online Health Care Directory Charging Per-Click Fees
Allscripts Announces $145 Million Preliminary Settlement with DOJ Related to an Investigation of Practice Fusion, a Recently Acquired EHR Company
By Robinson+Cole's Health Law Group on
Posted in Academic Medical Centers, Department of Justice, False Claims Act, Fraud and Abuse, Government Enforcement, Health Information Exchanges and Electronic Medical Records (EMRs), Health Information Technology, Healthcare Technology, HIPAA, Hospitals and Health Systems, Medicare and Medicaid, Privacy and Security, Reimbursement, Stark Law
In its second quarter Securities Exchange Commission (SEC) filing, Allscripts addressed its announced agreement in principle with the Department of Justice (DOJ) to resolve investigations into certain alleged practices of Practice Fusion, an electronic health records (EHR) vendor acquired by Allscripts in February 2018 for $100 million. Allscripts indicated the agreement is still subject to further negotiation and government approval, and would likely include additional non-monetary terms, including a deferred prosecution agreement, if a finalized settlement is reached.
Continue Reading Allscripts Announces $145 Million Preliminary Settlement with DOJ Related to an Investigation of Practice Fusion, a Recently Acquired EHR Company
Connecticut Empowers DSS to Expand Medicaid Coverage of Telehealth Services
By Robinson+Cole's Health Law Group on
On June 28, 2019, Connecticut Governor Ned Lamont signed into law Public Act No. 19-76 “An Act Expanding Medicaid Coverage of Telehealth Services” (PA 19-76). PA 19-76 revises the criteria and process by which the Connecticut Department of Social Services (DSS) determines the telehealth services covered by the Medicaid program. PA 19-76 is effective July 1, 2019.
Continue Reading Connecticut Empowers DSS to Expand Medicaid Coverage of Telehealth Services
SHIELD Act Becomes Law, Expanding Breach Notification and Data Security Requirements
By Leslie Levinson on
On July 25, 2019, New York Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) into law. The SHIELD Act modifies the current Breach Notification Law to expand the types of data elements that are considered “private information” and to expand the data breach disclosure requirements for individuals and businesses. Moreover, the law creates a requirement that owners or licensors of private information meet a new “reasonable security requirement.”
Continue Reading SHIELD Act Becomes Law, Expanding Breach Notification and Data Security Requirements
CMS Announces Pilot Program for Clinicians to View Claims Data of Medicare Beneficiaries
On July 30, 2019, the Centers for Medicare & Medicaid Services (CMS) announced “Data at the Point of Care” (DPC), a pilot program that will provide clinicians with access to claims data. The pilot program follows on the heels of the recently proposed Interoperability and Patient Access Proposed Rule, which would require regulated health plans to make patient data available through an application programming interface (API). These actions are also part of the MyHealthEData initiative spearheaded by the White House Office of American Innovation.
Continue Reading CMS Announces Pilot Program for Clinicians to View Claims Data of Medicare Beneficiaries
Connecticut Legislature Extends Immunity for Emergency Assistance by Health Care Professionals to Cover Malfunctioning Automatic External Defibrillators
By Robinson+Cole's Health Law Group on
On July 1, 2019, Connecticut Governor Ned Lamont signed into law Public Act No. 19-113 “An Act Concerning the Use of Automatic External Defibrillators” (PA 19-113). This law takes effect October 1, 2019.
Continue Reading Connecticut Legislature Extends Immunity for Emergency Assistance by Health Care Professionals to Cover Malfunctioning Automatic External Defibrillators
CMS Amends Regulations to Lower Drug Prices and Reduce Out-Of-Pocket Expenses in Medicare Advantage and Part D Prescription Drug Benefit Program
The Centers for Medicare and Medicaid Services (CMS) announced a final rule, to be published on May 23, 2019, amending the Medicare Advantage program (Part C) and Prescription Drug Benefit program (Part D) regulations. According to CMS, the purpose of the rule is to lower drug prices and reduce out-of-pocket expenses in the Medicare…
Department of Justice Announces Significant False Claims Act Settlements Tied to Electronic Health Records Arrangements
By Conor Duffy on
Posted in Accreditation, Department of Justice, False Claims Act, Fraud and Abuse, Government Enforcement, Health Information Exchanges and Electronic Medical Records (EMRs), Health Information Technology, Healthcare Technology, Hospitals and Health Systems, Life Sciences, Medicare and Medicaid, Office of Inspector General, Physicians and Allied Health Professionals, Reimbursement, Stark Law
The Department of Justice (DOJ) recently announced two high-dollar False Claims Act (FCA) enforcement actions involving allegedly fraudulent arrangements tied to the implementation and use of electronic health record systems (EHRs). The respective settlements enable recovery by DOJ of over $100 million, and immediately precede the government’s recent proposal of new rules to promote the interoperability of EHRs. The settlements thus serve as an important reminder of the importance of adhering to federal fraud and abuse laws and regulations as hospitals and other health care providers continue to implement EHR technology.
Continue Reading Department of Justice Announces Significant False Claims Act Settlements Tied to Electronic Health Records Arrangements