Wade’s Health Law Highlights - Healthcare Empowered

Litigation

Texas Attorney General Ken Paxton sued a Dallas doctor for providing gender-affirming treatments to minors, violating a state ban. The lawsuit alleges the doctor used false diagnoses and billing codes to mask the care. The doctor practices at UT Southwestern and Children’s Health, both affiliated with the state.
The FTC appealed a Texas ruling that invalidated its nationwide ban on employment noncompete agreements. The FTC’s noncompete ban, which aimed to prohibit noncompete agreements between employers and employees, faces legal challenges and may eventually reach the Supreme Court. Employers are advised to comply with state laws regarding restrictive covenants.

The Health Infrastructure Security and Accountability Act (HISAA) aims to enhance cybersecurity standards for healthcare organizations by imposing mandatory minimum security measures and providing financial support for compliance. The bill requires annual audits, stress tests, and increased accountability for non-compliance, with penalties reaching up to $250,000 for willful neglect. HISAA also includes financial assistance for hospitals to enhance their cybersecurity infrastructure, particularly for rural and safety net facilities.
HIPAA EDI transactions are electronic data exchanges between healthcare providers and health plans that adhere to HHS standards. Non-compliance can result in delayed treatments and payments, and may lead to sanctions or exclusion from Medicare and Medicaid.

The Outpatient and Ambulatory Surgery Consumer Assessment of Healthcare Providers and Systems (OAS CAHPS) survey, which evaluates patient satisfaction in outpatient healthcare facilities, will become mandatory for ASCs and HOPDs in January 2025. ASCs should prepare by aligning operations with OAS CAHPS guidelines and engaging a CMS-approved vendor to administer the survey. Participation in the survey is essential for compliance and can impact public perception and reimbursement rates.

The former owner of 4M Pharmaceutics was convicted of defrauding Medicare out of $160 million by submitting claims for medically unnecessary drugs using illegally obtained patient information. Mokbel faces decades in prison and millions in restitution and fines. Prosecutors argued that Mokbel’s scheme involved using diabetes testing equipment as a ruse to send patients topical creams and Omega-3 pills they didn’t need, while Mokbel’s defense claimed he acted within the bounds of the law.

A Louisiana court awarded $421 million to an out-of-network provider in a dispute with Blue Cross Blue Shield of Louisiana over underpayment for services rendered. This verdict, along with similar cases, highlights the need for fair reimbursement for healthcare providers. Insurance companies may face increased scrutiny and potential financial consequences for underpaying or denying payment to out-of-network providers.

UMC Health System in Lubbock, Texas, has restored its electronic medical record (EHR) system after a ransomware attack in September. The divert for emergency patients has been lifted, but some patient-facing systems are still being restored. The investigation into the attack is ongoing.
Ransomware claims have increased by 68% in severity, with an average loss of $353,000. Business Email Compromise remains a leading threat, while funds transfer fraud has seen a slight decline.

The Texas Medical Board has proposed new telemedicine regulations. The new rules would require a full license to provide telemedicine services, reaffirms that telemedicine services be performed in compliance with the Texas Occupations Code and the Medical Practice Act, and establishes requirements for prescribing for chronic pain via telemedicine.
The DEA is expected to extend telemedicine prescribing flexibilities for controlled substances through 2025, following pressure from Congress and the White House. Without an extension, the flexibilities that have increased access to healthcare for rural and underserved communities will expire, potentially leaving thousands of patients without access to critical medications. Stakeholders are urging the DEA to extend the flexibilities and create a taskforce to provide feedback on a new proposed rule for telemedicine prescribing of controlled substances.

CMS proposed a rule to amend the Medicare Overpayment Rule, extending the deadline for providers to investigate overpayments from 60 to 180 days. The rule also seeks to replace the “reasonable diligence” standard with the FCA’s knowledge standard.

The FTC’s final rule for premerger notifications expands disclosure requirements, particularly for healthcare transactions. It aims to address gaps in enforcement by requiring more extensive data and information on corporate structure, transaction details, competition, and prior acquisitions. The rule is expected to increase compliance time and may lead to more scrutiny of healthcare mergers and acquisitions.