Author: WadeEmmert

Categories
Health Law Highlights

FDA’s Final Rule on Direct-to-Consumer Advertising – Presentation of Risk Information

From Foley & Lardner, LLP, by Kyle Gaget and Jordan Smiley:

  • The FDA has released a final rule regarding direct-to-consumer (DTC) advertising for prescription drugs and biologics.
  • The rule requires that DTC ads include the most important risks associated with the drug or biologic being advertised.
  • The FDA has also clarified that companies can include a “major statement” in their ads to fulfill this requirement.
  • The final rule also addresses the use of alternative media for DTC ads, such as social media and online platforms.
  • Companies are encouraged to review and update their DTC advertising practices to ensure compliance with the new rule.
Categories
Health Law Highlights

Feds Levy First-Ever HIPAA Fine for a Phishing Breach

From Govinfo Security, by Marianne Colbasuk McGee:

  • The Department of Health and Human Services has issued the first ever HIPAA fine for a phishing breach, highlighting the importance of cybersecurity in the healthcare industry.
  • The fine was imposed on a medical practice that failed to adequately protect the sensitive information of its patients, resulting in a phishing attack that compromised over 17,000 individuals’ data.
  • The incident serves as a reminder for healthcare organizations to implement strong security measures, including employee training and robust email security protocols, to prevent similar breaches from occurring.
  • The HHS Office for Civil Rights (OCR) has emphasized the need for healthcare entities to conduct regular risk assessments and implement appropriate safeguards to protect patient data.
  • This case also highlights the OCR’s commitment to enforcing HIPAA regulations and holding organizations accountable for their failure to secure sensitive information.
Categories
Health Law Highlights

The Growing Causal Divide: But-For Causation in AKS/FCA Actions

From McGuireWoods, by Renee Kumon, Timothy Fry and Brett Barnett:

  • The District of Massachusetts Court recently joined the Sixth and Eighth Circuits in requiring the government to show a direct tie between kickbacks and referrals that proximately caused claims to federal healthcare programs to prevail in Anti-Kickback Statute (AKS) and False Claims Act (FCA) actions.
  • The District Court’s ruling contributes to the growing split between the Third Circuit, which requires a mere causal connection between kickbacks and referrals, and the Sixth and Eighth Circuits, which require but-for causation between the kickback and the federal claim.
  • This split relates to the per se fraud clause added to the AKS in 2010, which provides “a claim that includes items or services resulting from a violation of this section constitutes a false or fraudulent claim” for purposes of the FCA.
Categories
Health Law Highlights

FDA Issues Revised Off-Label Communications Guidance

From Jones Day, by Anthony Dick, Harrison Farmer, Colleen Heisey, Laura Laemmle-Weidenfeld, Rebecca Martin:

  • The FDA has issued a revised draft guidance on the sharing of scientific information with healthcare providers (HCPs) regarding unapproved uses of approved/cleared medical products.
  • The 2023 Guidance expands the scope of recommendations to include independent clinical practice resources and firm-generated presentations of scientific information.
  • It introduces a new evidentiary standard for source publications and emphasizes the importance of truthful, non-misleading, factual, and unbiased communications.
  • The guidance also provides presentational considerations, such as clear disclosures, avoidance of persuasive marketing techniques, and the use of plain language.
  • Comments on the guidance can be submitted until January 5, 2024.
Categories
Health Law Highlights

CMS Issues Interim Rule in Response to State Medicaid Disenrollment Trend

From Nelson Mullins Riley & Scarborough LLP, by Shane Duer, Knicole Emanuel, Cara Ludwig:

  • The Centers for Medicare & Medicaid Services (CMS) has issued an interim rule in response to the trend of states disenrolling recipients from the Medicaid program.
  • The rule aims to limit the removal of recipients from the program for procedural reasons rather than eligibility considerations.
  • States that fail to comply with the rule may face enforcement actions, including submitting a corrective action plan and paying civil money penalties.
  • The rule also requires states to submit reports on their eligibility redetermination activities, which will be made public.
  • The regulations became effective on December 6, 2023.
Categories
Health Law Highlights

What Cigna’s FCA Settlement Means for Other Medicare Advantage Plans

From HealthPayerIntelligence, Victoria Bailey:

  • Cigna’s recent brush with False Claims Act violations serves as a reminder that Medicare Advantage organizations should be routinely assessing their risk and compliance activities.
  • The United States alleged that Cigna submitted inaccurate and untruthful patient diagnosis data to receive additional payments from CMS and did not withdraw the inaccurate data or repay CMS.
  • Cigna submitted the diagnoses to CMS even though they were not supported by information documented on the vendors’ forms, nor were they reported to Cigna by other healthcare providers who saw the patient during the year the home visits occurred.
  • Medicare Advantage is a top priority for the government when it comes to detecting fraud.
  • Medicare Advantage plans should focus on risk mitigation assessments to avoid similar situations:
    • ensure your documentation looks good. Make sure if you’re doing these retrospective reviews of patient charts, you’re not just adding codes, but also making sure that if any of the codes needed to be downgraded, you’re deleting those extra codes
    • look at their data and imagine how it would appear to an objective third party. Plans should ensure they are identifying the correct codes and that any in-home assessments are complete.
    • conduct annual risk assessments and other monitoring.
  • All Medicare Advantage organizations would benefit from proactively assessing their data on a routine basis. Some organizations may be able to monitor their documentation and conduct risk adjustments with their current staff. However, partnering with outside companies may be helpful for others.
Categories
Health Law Highlights

Two Dallas Physicians Charged in $12 Million Fraud Scheme

From D Magazine, by Will Maddox:

  • Drs. Desi and Deno Barroga were indicted for allegedly receiving $12 million from fraudulent claims and illegally distributing hydrocodone to patients from the Dallas pain management clinic where they operated.
  • While at the clinic, the Barrogas would bill insurance for injections of anti-inflammatory steroids without administering the medicine. According to the indictment, the doctors would put a needle against the patient’s skin without piercing the skin to mimic an injection.
  • The physicians allegedly billed for 80 injections on a patient in a single visit. Court records show that the clinic sometimes billed more than $4,000 for services on a single day for a patient.
  • The clinic allegedly created fake health records to reflect the fraudulent billing, often copying and pasting the record from patient to patient with little to no variation. The Barrogas submitted the false records to the insurance companies to justify the alleged fraud. The defendant billed insurance companies for $50 million, of which they were paid $12 million for the fraudulent work.
Categories
Health Law Highlights

The New Health Privacy Landscape—Out of the Frying Pan and Into the Fire

From Perkins Coie, by Stephanie Duchesneau, Susan Fahringer, Meredith Halama, Janis Kestenbaum:

  • The legal landscape around health privacy has become much more complex in recent years, with more entities and types of data now subject to regulation and enforcement.
  • The FTC has taken a broader view of what constitutes sensitive health data and has pursued more enforcement actions around the sharing of such data with third parties like ad tech companies. 
  • Several states like Washington, New York, Nevada, and Connecticut have passed new consumer health privacy laws restricting certain uses of geofencing and health data.
  • HHS and the FTC have also issued new guidance clarifying that certain data sharing practices of HIPAA-covered entities may violate privacy rules.
  • All entities should review their health privacy practices given this changing legal landscape to ensure compliance and avoid litigation and enforcement risks.
Categories
Highlight

Enhanced Nursing Home Ownership Data Required by Biden HHS

From Bloomberg Law, by Tony Pugh:

  • The Biden administration finalized a rule requiring nursing homes to provide more detailed information about their ownership structure, including whether they are owned by private equity firms or real estate investment trusts (REITs). 
  • The additional data collected will be made public to allow families to make more informed choices about facilities and allow outside researchers to study the impact of different ownership models on quality of care.
  • Previous research has found that private equity ownership is associated with higher mortality rates for Medicare patients in nursing homes and increased taxpayer costs per resident. 
  • The private equity industry argues that its investments help strengthen struggling nursing homes by providing capital. 
  • The new rule implements requirements under the Affordable Care Act to increase transparency around nursing home ownership and oversight structures.
Categories
Alert

OIG Publishes a New Guidance Resource and a Report

OIG released our General Compliance Program Guidance (GCPG). The GCPG is a reference guide for the health care compliance community and other health care stakeholders. The GCPG provides information about relevant Federal laws, compliance program infrastructure, OIG resources, and other items useful for understanding health care compliance. The GCPG is voluntary guidance that discusses general compliance risks and compliance programs. The GCPG is not binding on any individual or entity. Download the guide in whole or access individual sections.