Other Health Policy Developments

Elliott is a law clerk at the firm and his work is supervised by licensed attorneys. His admission to the New York bar is pending.

During a hearing before the Oversight Committee of the U.S. House of Representatives on April 11, Dr. Robert Califf, the commissioner of the U.S. Food and Drug Administration (FDA), requested congressional action to create a new pathway to regulate hemp-derived Cannabidiol (CBD) products, which the agency does not consider safe enough to be sold lawfully as a dietary supplement.

In a January 2023 statement by the prior Commissioner, Janet Woodcock the FDA declined to develop rules to allow CBD to be sold in dietary supplements or food, citing its belief that CBD does not fall under a particular regulatory scheme currently available to the agency.Continue Reading The FDA’s Continued Search for a Legal Pathway for CBD Products

On March 9, 2024, in response to the cyberattack on UnitedHealth Group’s subsidiary, Change Healthcare/Optum, in late February 2024, the Centers for Medicare & Medicaid Services (“CMS”) made available Change Healthcare/Optum Payment Disruption (“CHOPD”) accelerated payments to Medicare Part A providers and advance payments to Medicare Part B suppliers experiencing claims disruptions as a result of the cyberattack.

CMS, through the Medicare Administrative Contractors (“MACs”), may grant CHOPD accelerated and advance payments in amounts representative of up to thirty days’ worth of Part A or Part B claims to eligible Medicare providers and suppliers, which is calculated by taking the total claims paid to the provider/supplier between August 1, 2023 through October 31, 2023 and dividing that number by three.

In this post, we will detail eligibility requirements and terms of the payments. We note that these are not loans or grants. They are advanced and accelerated payments and CMS will immediately begin to recoup the payments. For more details, CMS has issued a Fact Sheet and Frequently Asked Questions.Continue Reading CMS Offers Change Healthcare/Optum Payment Disruption Payments to Medicare Providers and Suppliers

The U.S. Supreme Court heard arguments yesterday in the two consolidated cases challenging the U.S. Food and Drug Administration (FDA) approval of mifepristone. Throughout the questioning, the Justices focused on both the standing of the plaintiffs to bring the cases and on the suitability of the remedy sought.

The Court is expected to rule on the case in late June or early July. Although the Court has a 6-3 majority of justices appointed by Republican presidents, the questioning by the justices and the areas that they focused on seemed to indicate that any judicially-imposed limitations on both the FDA’s approval of the drug and the FDA’s current restrictions on the dispensing of mifepristone may be narrow.

At different times during the argument, both liberal and conservative Justices mixed together in the thrust of their questions in a way that could result in this case being a close decision with many different opinions or even resulting in a majority decision that would allow continued dispensation of the drug due to standing considerations.Continue Reading SCOTUS Arguments on Mifepristone Cases Focus on Standing and Remedy

The Federal Trade Commission (FTC), the Department of Justice’s Antitrust Division, and the U.S. Department of Health and Human Services jointly announced a cross-government inquiry into the impact of private equity investment and other forms of “corporate greed” in the health care sector. As part of the announcement of this effort, the agencies produced a

The Department of Health and Human Services Office of the National Coordinator for Health Information Technology (ONC) has published its first final rule on Health Data, Technology and Interoperability. The rule, known as the HTI-1 rule, takes effect on February 8, and governs updates to the ONC’s Health IT Certification Program, as well as regulations on information blocking.

Among the program criteria that the rule addresses include those related to decision support, electronic case reporting and standards-based application programming interfaces (APIs). To address the question of information blocking, the rule provides refined definitions of statutory terms and identifies practices that cannot constitute information blocking as they are considered by ONC to be “reasonable and necessary.”Continue Reading ONC Finalizes Information Sharing and Algorithm Transparency Rule

As promised back in April in an announcement of its plans to modernize compliance program guidance, the Department of Health and Human Services Office of Inspector General (OIG) issued the first of its new guidance documents for the health care industry on November 6, 2023. The first release is a general compliance program guidance (GCPG) designed to serve as a resource to all segments of the health care industry, regardless of the particular items or services offered.

In its newest release, OIG reiterates its view that the GCPG is by its very nature a voluntary guidebook that can act as a roadmap for a compliance program to follow, but that it is not binding on any individual or entity in the health care industry. This updated GCPG includes the following information for health care compliance programs, which we summarize further below: (1) key Federal authorities for entities engaged in health care business; (2) the seven elements of a compliance program; (3) adaptations for small and large entities; (4) other compliance considerations; and (6) OIG processes and resources.

Additional industry specific compliance guidance documents will be forthcoming, according to OIG, with its first updated guidance setting the stage for those to follow.Continue Reading HHS OIG Issues General Guidance as First Step in Effort to Modernize Compliance Guidance

On September 15, 2023, FDA published an update to the guidance document – “Breakthrough Devices Program, Guidance for Industry and Food and Drug Administration Staff.” Notably, FDA states that it may consider a medical device’s ability to improve health and healthcare disparities when deciding whether to designate a medical device as a breakthrough device. The agency may use this information to determine whether a candidate device provides more effective treatment or diagnosis when compared to the current standard of care. Below, we provide additional information regarding the breakthrough device program and the updated guidance.Continue Reading FDA Updates Breakthrough Device Guidance

On August 1, 2023, the U.S. Food & Drug Administration (“FDA”) and the Drug Enforcement Administration (“DEA”) issued a joint letter to all Americans to provide a status update regarding the ongoing shortage of prescription stimulants. Stimulants fall under the purview of both FDA and DEA because they are controlled substance drugs. Both agencies recognize the important role of prescription stimulants when it comes to the treatment of conditions such as attention-deficit/hyperactivity disorder (“ADHD”), binge eating disorder, and narcolepsy.

According to the letter, the agencies are working closely with manufacturers and other members of the drug supply chain to address these shortages, which are the result of two main factors—manufacturing delays and an increased demand for the stimulants.Continue Reading FDA and DEA seek to ameliorate the shortage and misuse of stimulants

On April 24, 2023, the OIG formally announced that it will be modernizing its existing Compliance Program Guidance (“CPG”).

The OIG has provided a CPG for various industry subsections since 1998.  Each CPG was developed in an effort to set forth voluntary compliance standards to be utilized in identifying and preventing fraud and abuse in federal health care programs.  In September 2021, the OIG published a request for information (“RFI”), wherein OIG requested insight on how providers use CPG and what improvements could be made to provide more relevant and accessible guidance.  

Providers and other industry representatives made recommendations including, but not limited to, creating industry-specific guidance, consolidating existing CPG, enabling user-friendly access to CPG, and ensuring ongoing updates to identify the OIG’s current positions on new and emerging risks in health care.Continue Reading OIG announces Modernization of Compliance Program Guidance

On April 7, 2023, only minutes apart, two federal district courts issued rulings on cases challenging the Food and Drug Administration’s regulations governing mifepristone, a key medication for women seeking an abortion. Both rulings faulted the FDA’s handling of the approval and its subsequent restrictions on the dispensing of mifepristone, but the two rulings came to very different conclusions as to what the availability of the drug should be.

Judge Matthew Kacsmaryk of the U.S. District Court for the Northern District of Texas issued a 67-page opinion ordering that the FDA’s initial approval of the drug, which was approved in 2000, should be stayed pending the court’s full review of the merits of the case. The court then stayed its own order for seven days to allow the FDA to appeal to the U.S. Court of Appeals for the Fifth Circuit.

Just minutes later, Judge Thomas Rice of the U.S. District Court for the Eastern District of Washington issued a 31-page opinion ordering FDA and HHS not to make any changes to the availability of mifepristone under the current operative Risk Evaluation and Mitigation Strategy (REMS) program, which requires the drug to be prescribed and dispensed only by certified providers, among other requirements. Unlike Judge Kacsmaryk, whose injunction has nationwide effect, Judge Rice limited the effect of his order to only the 17 states and the District of Columbia who brought the challenge in his court. The 17 plaintiff states in this lawsuit are: Arizona, Colorado, Connecticut, Delaware, Hawaii, Illinois, Maine, Maryland, Michigan, Minnesota, Nevada, New Mexico, Oregon, Pennsylvania, Rhode Island, Vermont, and Washington and the District of Columbia.

The most difficult-to-reconcile aspect of the two orders is the fact that Judge Kacsmaryk’s order is a nationwide stay of the drug’s approval, while Judge Rice’s order to maintain the status quo availability only applies to the specific plaintiffs.  Notably absent from the Washington order’s applicability would be California, Massachusetts, New Jersey, New York, North Carolina, New Hampshire, and Virginia.Continue Reading Mifepristone Cases – Our Thoughts

Health care and health care-adjacent organizations are seeing a steep increase in risk arising from the frequently utilized third-party analytics and advertising services on their websites, mobile applications, patient portals, and other Internet-connected services. Those organizations should pay attention to new regulatory guidance, published settlements with regulators, and an onslaught of class action filings stemming

On March 27, 2023, two United States Senators, Bill Cassidy, MD (R-LA) and Jeff Merkley (D-OR) introduced the bipartisan No Unreasonable Payments, Coding, or Diagnoses for the Elderly (“No UPCODE”) Act to address perceived financial incentives inherent in the Medicare Advantage patient risk scoring reimbursement methodology. Senator Merkley alleges that the current reimbursement

On February 28, 2023, six of the seven Medicare Administrative Contractors (MACs), who administer Medicare reimbursement on behalf of the Centers for Medicare and Medicaid Services (CMS), came together for a multijurisdictional contractor advisory committee (CAC) meeting. The purpose of the CAC meeting was to discuss remote physiologic monitoring (RPM) and remote therapeutic monitoring (RTM) for non-implantable devices. Specifically, the MACs were looking to determine whether a local coverage determination (LCD) should be developed to guide those performing remote patient monitoring and utilizing these billing codes.  

The public was permitted to submit written comments and responses to a set of specific discussion questions through March 10, 2023. The questions covered a range of issues including the advantages of RPM/RTM in a clinical setting and the use of third-party vendors in the provision of RPM/RTM services.

Importantly, if any MAC decides to develop an LCD after the CAC, the LCD will be published both on the MAC’s webpage and on the Medicare Coverage Database. The LCD will then go through a public comment period and other administrative hurdles before it can be finalized as policy. To date, there have been no established Medicare coverage policies for remote monitoring services. Continue Reading MACs Consider Guidance on Remote Patient Monitoring Amid Exploding Utilization

The Office for Civil Rights (“OCR”) at the U.S. Department of Health and Human Services (“HHS”) recently issued a bulletin highlighting the application of Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) to covered entities and business associates (“Regulated Entities”) under the HIPAA Privacy, Security, and Breach Notification Rules (“HIPAA Rules”) when using online tracking technologies that collect and analyze information about how internet users interact with websites or mobile applications (“Tracking Technologies”). While the Bulletin emphasizes that Regulated Entities have always been prohibited from impermissible uses and disclosures of protected health information (“PHI”) collected through Tracking Technologies, including disclosing PHI to Tracking Technology vendors without entering into business associate agreements (“BAAs”), OCR has been relatively silent on this issue to date.

To highlight the application of HIPAA to Regulated Entities leveraging Tracking Technologies, the Bulletin provides several examples of how Tracking Technologies may collect and share PHI, including on authenticated and unauthenticated webpages, as well as mobile apps. In particular, the Bulletin describes how websites and mobile apps commonly use Tracking Technologies to collect information from users, including identifiers that are unique to users’ mobile devices. This information can then be used by the owner of a website or app, a related vendor, or a third party to gain insights about users’ online activities and to create a unique profile for each user. These insights and information can be used in beneficial ways to help improve care or the patient experience, but they can also be misused to promote misinformation and for other detrimental purposes.

In a nutshell, OCR’s Bulletin stresses that when an individual uses Regulated Entities’ websites or mobile apps, information such as the individual’s medical record number, home or email address, dates of appointments, IP address, geographic location, or medical device ID may constitute PHI subject to HIPAA and should be held by Regulated Entities accordingly. According to OCR, such information generally is PHI, even if the individual does not have an existing relationship with the Regulated Entity and even if the information does not include specific treatment or billing information like dates and types of health care services. Per OCR, this is because the information connects the individual to the Regulated Entity (i.e., it is indicative that the individual has received or will receive health care services or benefits from the covered entity), and thus relates to the individual’s past, present, or future health or health care or payment for careContinue Reading HHS OCR Issues Bulletin on HIPAA Compliance for Tracking Technologies 

Under provisions of the 21st Century Cures Act (Cures Act), providers of Medicaid-funded personal care services (PCS) and home health care services (HHCS) will need to be fully compliant with their state’s electronic visit verification (EVV) systems by January 1, 2023

Congress passed the Cures Act on December 13, 2016. Among other things, in an effort to increase transparency and reduce fraud in connection with the delivery of health care services, this law mandated that states implement EVV systems for all Medicaid-funded (including under waiver programs) PCS by January 1, 2019, and HHCS by January 1, 2023, in each case where services include an in-home visit by a provider. Subsequent legislation extended the deadline for PCS to implement EVV requirements to January 1, 2020. However, the deadline for HHCS remains January 1, 2023, and is quickly approaching.

Providers of PCS and HHCS services should make sure that they are working towards implementing EVV systems in their own business operations in compliance with applicable state requirements, the majority of which also are requiring provider compliance by January 1, 2023Continue Reading Home Health Care Services Electronic Visit Verification System Implementation Required by January 1, 2023

In its latest effort to increase transparency and improve patient access to information about their health care providers the U.S. Department Health and Human Services Centers for Medicare & Medicaid Services (CMS) published a Request for Information (RFI) on October 7, 2022, seeking input on creation of a national provider directory for use by patients, regulators, and insurers.  

According to the announcement, the RFI was prompted by inefficiencies arising from “the fragmentation of current provider directories” maintained by providers, insurers and/or third-party sources that CMS believes could be remedied by a federal provider directory containing “digital contact information containing the most accurate, up-to-date, and validated . . . data in a publicly accessible index.”

The stated goal of the RFI is to examine the feasibility and requirements for a proposed National Directory of Healthcare Providers and Service (NDH). Responses to the RFI are due by December 6, 2022, and stakeholder comments already are being submitted.Continue Reading CMS Considers National Directory of Healthcare Providers and Services

On September 27, 2022, FDA announced the publication of a  final guidance  document entitled Clinical Decision Support Software, Guidance for Industry and Food and Drug Administration Staff (Final CDS Guidance), which focuses on clarifying the types of clinical decision support (CDS) software functions that are excluded from the definition of device by the criteria in section 520(o)(1)(E) of the Federal Food Drug and Cosmetic Act.

This final guidance document addresses industry comments made in response to FDA’s September 2019 draft guidance (Draft CDS Guidance). The Final CDS Guidance streamlines the Draft CDS Guidance by focusing the scope on CDS intended to be used by state licensed, registered, or certified health care professionals , rather than those also used by patients and caregivers, which were included in the scope of the Draft CDS Guidance.Continue Reading FDA Announces Final Guidance on Clinical Decision Support Software

The U.S. Supreme Court on July 26 issued its judgment in the case of Dobbs v. Jackson Women’s Health, officially setting in motion abortion bans in at least four states.

A “judgment” is distinct from the opinion and typically follows issuance of the opinion by about a month. This certified document from the clerk of The Supreme Court is usually simply a formality to allow the Court of Appeals from which the case originated to either close its docket or begin the process of implementing what was ordered on remand.

In the Dobbs case, the Supreme Court issued its opinion (142 S. Ct. 2228) on June 28, but the judgment issued from the clerk’s office to the Fifth Circuit about 30 days later.

Because of the way the trigger bans in at least four states were worded, the issuance of the judgment on July 26 also started the clock on the enforcement of those states’ laws. The trigger laws in Texas, Tennessee, Idaho, and North Dakota will each take effect 30 days after the judgment was issued, i.e., on August 25, 2022.Continue Reading Supreme Court judgment triggers abortion bans in states, legislative action in others

The U.S. Department of Health and Human Services Office of the National Coordinator for Health Information Technology (ONC) released earlier this year the Trusted Exchange Framework and Common Agreement (TEFCA), which is intended to improve electronic interoperability among health information networks (HINs) and facilitate the exchange of health information among connected organizations. 

Importantly, TEFCA is not just about HINs.  Under TEFCA, any organization that connects to a HIN designated as a Qualified HIN (QHIN) may be able to meet many interoperability and information sharing obligations without implementing technology integrations on a request-by-request basis.  ONC believes that TEFCA will “reduce the need for duplicative network connectivity interfaces, which are costly, complex to create and maintain, and an inefficient use of provider and health IT developer resources.” ONC stated that connected organizations “will be able to share information with all other connected entities regardless of which QHIN they choose.” 

However, participation in TEFCA comes with a price.  Organizations that connect to QHINs, either directly or indirectly, will likely need to agree to new contractual requirements that flow-down from QHINs.Continue Reading ONC’s Trusted Exchange Framework and Common Agreement (TEFCA): Impacts on Health Information Networks and Health Care Organizations

As the health care industry as a whole comes to grips with the fallout from the U.S. Supreme Court’s decision to overturn Roe v. Wade in Dobbs v. Jackson Women’s Health, here at Reed Smith we have formed a Reproductive Health Working Group to bring expertise from the across our many specialty areas to help our clients to prepare for the post-Dobbs reality.

To that end, we have generated a series of “unanswered questions” client updates to reflect the issues that a Roe reversal may have for the health care industry. Earlier posts on this blog have shared the parts of that series that focused on pharmacieshealth care providers, and fertility practices, and employee benefit plans.

The Working Group has put together two new updates to branch into the employment and privacy areas.Continue Reading Unanswered Questions on Privacy and Employment from Supreme Court Overturn of Roe v. Wade