Categories
Health Law Highlights

Wade’s Health Law Highlights for July 14, 2026

Fraud & Abuse / Enforcement

  • Ruthia He, founder and former CEO of digital mental health company Done Global Inc., was sentenced to six years in prison and a $1 million fine for a scheme that distributed more than 37 million Adderall pills and defrauded insurers of over $12 million Co-defendant David Brody, Done’s former clinical president, was sentenced to two years in prison and a $1 million fine. Court documents described a subscription-based platform, management incentives, and clinical protocols that paid up to $60,000 per month to clinicians who signed Adderall prescriptions every 30 seconds and used an auto-refill feature that generated prescriptions with minimal follow-up, in some cases continuing after patients were placed on psychiatric holds or had died. He and Brody submitted false prior authorization requests claiming Done followed DSM-5 criteria and used urine drug screens, causing Medicare, Medicaid, and commercial insurers to pay approximately $12.3 million. He also moved operations and assets to China, used encrypted and disappearing messages, deleted documents, and researched non-extradition countries to obstruct the investigation; both defendants were convicted in November 2025. Source: U.S. Department of Justice
  • The HHS Office of Inspector General concluded that a home health agency’s payment of subscription fees for preferential access to a digital referral management platform could violate the Anti-Kickback Statute Advisory Opinion 26-15 addressed a platform hospitals use during discharge planning to transmit referral requests electronically to subscribing providers, who could review and respond before non-subscribers relying on fax, email, or phone. OIG found the arrangement did not satisfy the safe harbor for referral services and gave paying providers a competitive advantage in obtaining federal healthcare program beneficiaries rather than an advantage based on quality of services. The agency identified risks of patient steering, unfair competition, and overutilization, noting that providers incurring participation costs may increase utilization of reimbursable services to recover them. OIG advised providers and technology vendors to evaluate whether platform payments represent fair-market-value services or payment for referral opportunities. Source: Clark Hill
  • The Texas Supreme Court holds that omissions claims under the Texas Health Care Program Fraud Prevention Act require proof of materiality, even though Section 36.002(2) does not use the word “material.” Reading the Act against common-law fraud principles, the Court concluded that omitted information must have mattered to the government’s payment decision, reversing a court of appeals decision that had revived claims against a laboratory testing company accused of failing to offer Texas Medicaid the same pricing and discounts extended to other payors. A defendant may negate materiality at summary judgment by presenting competent evidence of undisputed facts incompatible with materiality, shifting the burden to the State to create a genuine issue, and a regulatory violation alone does not establish materiality. Citing Universal Health Services, Inc. v. United States ex rel. Escobar, the Court stated that the government’s continued payment despite knowledge of an alleged violation is strong evidence of immateriality, and here the defendant disclosed the conduct, provided billing data, and kept receiving payment without objection while the State offered no explanation for continuing to pay. Chief Justice Blacklock, joined by Justice Busby, dissented, arguing that the provision requires causation rather than materiality and that the Court added an element the Legislature omitted. Source: False Claims Act Blog

Reimbursement & Payment

HIPAA & Data Privacy

Healthcare AI & Digital Health

  • UpDoc Inc. received FDA clearance for what it describes as the first Software as a Medical Device that uses a patient-facing large language model The company announced on June 25, 2026, that its type 2 diabetes medication management software, issued a 510(k) clearance letter on December 23, 2025, uses a conversational module allowing patients to enter data by voice or chat and receive treatment plan instructions specified by a provider. Future clearances will depend on each product’s intended functions, safety, and efficacy, and clinical AI will likely continue to serve as a support tool for clinicians rather than make independent diagnostic or treatment decisions because of human-in-the-loop and state practice-of-medicine requirements. Developers should assess the applicable clearance pathway — 510(k), De Novo, or PMA — and monitor FDA expectations for post-market surveillance, labeling, cybersecurity, and predetermined change control plans. LLMs with access to patient data also raise HIPAA, privacy, consent, and data governance concerns that require vetting vendors and imposing data use and redisclosure limitations. Source: McGuireWoods
  • Healthcare AI startups most often fail security diligence through application-layer and AI-specific gaps rather than cloud infrastructure A HIPAA-eligible cloud provider secures infrastructure but leaves the startup responsible for how protected health information flows through prompts, logs, vector databases, and third-party API calls. Fine-tuning models on patient data or pulling unredacted notes into logged prompts can cause a system to reproduce protected health information to other users, so data should be de-identified before entering embedding or fine-tuning pipelines. Agents that can submit prior authorizations or update records should have permissions scoped to the minimum action needed, with human approval required for irreversible steps, reflecting the risk OWASP tracks as excessive agency. Every subprocessor that touches protected health information needs a signed business associate agreement and documented data flow, and a HIPAA risk analysis should precede the first pilot; IBM’s 2025 report put the average healthcare breach at $7.42 million. Source: HackerNoon
  • AI chatbots can widen access to mental health care but face limits in treatment Dr. Ryan Raimi’s research examines why some users perceive AI systems as more judgmental than human providers, identifying the agents’ lack of real-world experience and their absence of social and emotional understanding as primary factors. He noted that many people seeking mental health care want to be heard rather than given a solution, which chatbots struggle to provide because empathizing with a client remains difficult. Raimi sees stronger use cases in triage and screening, which follow a straightforward structure, operate around the clock at negligible cost, and could help clinics facing staffing shortages. He said screening applications are approaching global deployment. Source: KERA News

Pharmacy Benefit Managers

  • Express Scripts filed a declaratory judgment action against Texas Attorney General Ken Paxton seeking to block release of an unredacted contract with the Texas A&M University System After a public information request, Express Scripts proposed redactions to shield trade secrets, pricing, and personal information, but the Texas Office of the Attorney General ruled on June 2, 2026, that the contract must be released in full because state agencies are required to post vendor contracts and the statutory trade secret exemptions do not apply. Express Scripts argues the interpretation renders the disclosure exceptions meaningless and that the commercial information qualifies as protected trade secrets under Texas case law. The Texas posting requirement applies only to state agencies and institutions of higher education, not school districts, municipalities, or counties. Mintz advised PBMs and health plans contracting with public entities to label and segregate confidential information, draft trade secret language tracking the applicable statute, and require prompt notice of public records requests. Source: Mintz

Healthcare Costs & Affordability