The Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS) recently issued its Final Rule to modify HIPAA “to support reproductive health care privacy.” The Final Rule is in response to Executive Order 14076, where President Biden directed HHS to take actions to protect reproductive health information following Dobbs v.
Forecasting the Integration of AI into Health Care Compliance Programs
This post was co-authored by Josh Yoo, legal intern at Robinson+Cole. Josh is not admitted to practice law.
Health care entities maintain compliance programs in order to comply with the myriad, changing laws and regulations that apply to the health care industry. Although laws and regulations specific to the use of artificial intelligence (AI) are limited at this time and in the early stages of development, current law and pending legislation offer a forecast of standards that may become applicable to AI. Health care entities may want to begin to monitor the evolving guidance applicable to AI and start to integrate AI standards into their compliance programs in order to manage and minimize this emerging area of legal risk.
Executive Branch: Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence
Following Executive Order 13960 and the Blueprint for an AI Bill of Rights, Executive Order No. 14110 (EO) amplifies the current key principles and directives that will guide federal agency oversight of AI. While still largely aspirational, these principles have already begun to reshape regulatory obligations for health care entities. For example, the Department of Health and Human Services (HHS) has established an AI Task Force to regulate AI in accordance with the EO’s principles by 2025. Health care entities would be well-served to monitor federal priorities and begin to formally integrate AI standards into their corporate compliance plans.
- Confidentiality and Security: Federal scrutiny of the privacy and security of entrusted information extends to AI’s interactions with data as a core obligation. This general principle also manifests in more specific directives throughout the EO. The EO also orders the HHS AI Task Force to incorporate “measures to address AI-enhanced cybersecurity threats in the health and human services sector.”
- Transparency: The principle of transparency refers to an AI user’s ability to understand the technology’s uses, processes, and risks. Health care entities will likely be expected to understand how their AI tools collect, process, and predict data. The EO envisions labelling requirements that will flag AI-generated content for consumers as well.
- Governance: Governance applies to an organization’s control over deployed AI tools. Internal mechanical controls, such as evaluations, policies, and institutions, may ensure continuous control throughout the AI’s life cycle. The EO also emphasizes the importance of human oversight. Responsibility for AI implementation, review, and maintenance can be clearly identified and assigned to appropriate employees and specialists.
- Non-Discrimination: AI must also abide by standards that protect against unlawful discrimination. For example, the HHS AI Task force will be responsible for ensuring that health care entities continuously monitor and mitigate algorithmic processes that could contribute to discriminatory outcomes. It will be important to permit internal and external stakeholders to have access to equitable participation in the development and use of AI.
Continue Reading Forecasting the Integration of AI into Health Care Compliance Programs
Remote Patient Monitoring Enforcement Initiatives
Below is an excerpt of an article published in the American Bar Association Health Law Section’s March 2024 Health eSource issue.
In recent years, there has been a significant increase in the use of digital technologies and innovative solutions in healthcare, including the increased use of remote patient monitoring (RPM) services. Telehealth and other digital…
HHS Addresses the Growing Influence of Artificial Intelligence in Health Care
This post was co-authored by Blair Robinson, a member Robinson+Cole’s Artificial Intelligence Team.
Artificial Intelligence (AI) has emerged as a major player in the realm of health care, promising to completely transform its delivery. With AI’s remarkable ability to analyze data, learn, solve problems, and make decisions, it has the potential to enhance patient…
HHS Proposes Disincentives for Providers that Commit Information Blocking
On November 1, 2023, the U.S. Department of Health and Human Services (HHS) published a proposed rule titled “21st Century Cures Act: Establishment of Disincentives for Health Care Providers That Have Committed Information Blocking” (the Proposed Rule). The Proposed Rule, if finalized, would create disincentives for health care providers that the HHS Office of Inspector General (OIG) determines have committed “information blocking” (as defined at 45 C.F.R. § 171.103).Continue Reading HHS Proposes Disincentives for Providers that Commit Information Blocking
Eighteen States’ Attorneys General Send Letter to CMS in Support of Proposed Rule Requiring Disclosure of Certain Nursing Home and SNF Ownership Information
On April 14, 2023, the Attorneys General of 18 different states sent a letter to Health and Human Services (HHS) Secretary Xavier Becerra and Centers for Medicare and Medicaid Services (CMS) Administrator Chiquita Brooks-LaSure in support of a proposed rule that would require the disclosure of certain ownership information regarding Medicare skilled nursing facilities (SNFs) and Medicaid nursing facilities (collectively “Nursing Facilities”), particularly from private equity investors and real estate investment trusts (the “Proposed Rule”).Continue Reading Eighteen States’ Attorneys General Send Letter to CMS in Support of Proposed Rule Requiring Disclosure of Certain Nursing Home and SNF Ownership Information
HHS Seeks to Strengthen Protections of Reproductive Health Information with Proposed Changes to HIPAA
On April 12, 2023, the U.S. Department of Health & Human Services (HHS) released a Notice of Proposed Rulemaking (Proposed Rule) that seeks to enhance safeguards of reproductive health care information through changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. The proposal is intended to align with President Biden’s Executive Order…
340B Update: District Court Rejects 2022 Payment Methodology for 340B Hospitals Following Supreme Court Win
We follow up on our previous blog post concerning the U.S. Supreme Court’s unanimous ruling in favor of 340B hospitals. The Supreme Court previously held that “absent a survey of hospitals’ acquisition costs, HHS may not vary the reimbursement rates for 340B hospitals” and therefore, that HHS exceeded its statutory authority by varying the 2018 and 2019 rates for 340B hospitals without first conducting such survey.Continue Reading 340B Update: District Court Rejects 2022 Payment Methodology for 340B Hospitals Following Supreme Court Win
Second Circuit Affirms HHS Rejection of Direct Copayment Assistance under Anti-kickback Statute
Below is an excerpt of a contributed article co-authored with Robinson+Cole Business Litigation Group lawyer Ben Daniels published in Physicians Practice on September 16, 2022.
On July 25, 2022, the U.S. Court of Appeals for the Second Circuit rejected an appeal brought by Pfizer, Inc. in a case that examines whether a “corrupt” intent is…
HHS Issues HIPAA Guidance to Support Audio-Only Telehealth Services
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently issued new guidance (Guidance) on the use of remote communication technologies to deliver audio-only telehealth in accordance with HIPAA. Per OCR, the Guidance is intended to ensure continued access for patients to audio-only telehealth in a secure and compliant manner, particularly once OCR’s notification of enforcement discretion (previously discussed here) tied to the COVID-19 pandemic is rescinded (i.e., once the HHS-declared COVID-19 public health emergency is ended).Continue Reading HHS Issues HIPAA Guidance to Support Audio-Only Telehealth Services