Author: WadeEmmert

Categories
Health Law Highlights

UnitedHealth Paid Hackers $22 Million Ransom

Summary of article from CNBC, by Ashley Capoot:

UnitedHealth Group confirmed the company paid a $22 million ransom after hackers breached its subsidiary, Change Healthcare, affecting the healthcare sector broadly. The breach left many doctors unable to fill prescriptions or get paid for their services temporarily. Witty revealed that the cybercriminals accessed Change Healthcare through a server that lacked multi-factor authentication, a security measure now implemented across all UnitedHealth’s external-facing systems. The breach compromised files containing protected health information and personally identifiable information, with a data review ongoing. UnitedHealth is working with regulators to assess the breach and notify affected individuals, while also implementing measures to prevent future cyberattacks.

Categories
Health Law Highlights

Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits

Summary of article from GovInfo Security, by Marianne Kolbasuk McGee:

Ernest Health, a Texas-based operator of rehabilitation hospitals, is facing multiple federal proposed class action lawsuits following a ransomware attack that potentially compromised the sensitive information of over 101,000 individuals across several states. The company reported 33 separate breaches involving a network server and a HIPAA business associate at rehabilitation and long-term care hospitals in 12 states. The lawsuits allege that Ernest Health’s negligence in failing to protect sensitive personal information puts the plaintiffs at risk of identity theft and other crimes. The compromised information includes names, addresses, birthdates, medical record numbers, health insurance plan member IDs, claims data, diagnosis, and prescription information, with some Social Security numbers and driver’s license numbers also affected. In response to the incident, Ernest Health has implemented additional safeguards and technical security measures to further protect and monitor its systems.

Categories
Health Law Highlights

How ACOs Can Harness AI’s Transformative Potential

Summary of article from MedCity News, by Theresa Hush:

Artificial intelligence (AI) is revolutionizing various sectors, including healthcare, by improving diagnoses, personalizing medicine, and developing less-invasive procedures. However, its application in accountable care organizations (ACOs) remains limited, mainly to patient-checking bots and robotic assistants, without fully exploring AI’s potential for predictive healthcare and cost reduction. ACOs face challenges in data aggregation and utilization, often relying on retrospective claims data rather than forward-thinking clinical data insights, hindering significant improvements in patient outcomes and cost savings. To leverage AI effectively, ACOs need to aggregate comprehensive data from all provider EHRs, build clinically rich data substrates, and share data with providers. Thus, integrating AI with electronic health records can offer ACOs opportunities to improve patient health outcomes and reduce costs.

Categories
Health Law Highlights

Drugmakers Exposed to Antitrust Probes if Patent Cache Added

Summary of article from Bloomberg Law, by Annelise Gilbert:

The US Patent and Trademark Office (USPTO) has proposed a rule that would create a repository for all settlement agreements related to patent challenges, potentially exposing pharmaceutical companies to antitrust scrutiny. The proposed rule would expand the requirements for companies to file detailed reports after reaching a settlement. The new requirement could assist the FTC and DOJ in determining if antitrust laws have been violated, and may also give non-agency third parties expanded access to the agreements. The proposal has raised concerns in the pharmaceutical industry about the disclosure of confidential agreements and potential antitrust investigations. The rule aligns with an executive order from President Joe Biden encouraging federal agencies to cooperate in policing anticompetitive practices.

Categories
Health Law Highlights

US DEA Will Reclassify Marijuana, Ease Restrictions

Summary of article from AP News, by Zeke Miller, Joshua Goodman, Jim Mustian, Lindsay Whitehurst:

The U.S. Drug Enforcement Administration (DEA) plans to reclassify marijuana as a less dangerous drug, recognizing its medical uses and lower potential for abuse. The proposal, pending review by the White House Office of Management and Budget, would move marijuana from a Schedule I to a Schedule III drug but would not legalize it for recreational use. This change follows President Biden’s call for a review of federal marijuana law and his efforts to pardon Americans convicted of simple possession. Critics argue the move could lead to harmful side effects and that marijuana should be treated like alcohol instead. Despite the change, marijuana would still be a controlled substance and subject to federal regulations.

Categories
Health Law Highlights

US Challenges ‘Bogus’ Patents on Ozempic and Other Drugs in Effort to Spur Competition

Summary of article from AP News, by Matthew Perrone:

The Federal Trade Commission (FTC) is challenging patents on 20 brand-name drugs, including Ozempic, as part of the Biden administration’s efforts to target pharmaceutical industry practices that inflate prices. The FTC alleges that patents filed by companies such as Novo Nordisk, GlaxoSmithKline, and AstraZeneca are inaccurate or misleading. These patents, often used to prevent competition from cheaper generic medicines, are being scrutinized as they contribute to high prescription drug costs. This move follows a similar action in September when regulators challenged over 100 patents held by drug manufacturers. The companies have 30 days to withdraw or update their patent listings, or certify their legitimacy under penalty of perjury.

Categories
Ask the Health Lawyer

Physician Group Integration: Trends & Challenges

Summary of article from VMG Health, by Cordell J. Mack:

Hospitals and health systems have been integrating with physician groups in an effort to improve healthcare quality, service, and efficiency, with mixed results. Despite this, health system employment of physicians continues to rise, currently accounting for over 50% of all practicing physicians. However, the multispecialty group structure commonly used in these systems presents challenges, including financial misalignment across subspecialties and inconsistent financial reporting. VMG Health suggests an alternative approach involving reorganization of physician enterprise offerings within integrated delivery systems, focusing on improved governance, financial reporting, and physician loyalty. This evolving landscape of physician organizational structures within health systems aims to enhance operational efficiency, growth, and care delivery.

Categories
Health Law Highlights

How Pharmacies Can Protect Patient Data From Cyber Threats

Summary of article from Specialty Pharmacy Continuum, by Karen Blum:

Pharmacies, both large and small, are increasingly targeted by sophisticated cyberattacks due to their databases of patient financial and health information. The breaches can lead to identity theft and drug diversion, with hackers using advanced tactics to gain access to data. To mitigate these risks, pharmacies should establish a robust cybersecurity plan, keep it updated, and conduct regular staff training. Vetting vendors for their data protection measures and having a contingency plan for data breaches are also crucial. In case of a breach, pharmacies should comply with all legal requirements, including notifying affected individuals and the Federal Trade Commission.

Categories
Health Law Highlights

Health Care Giant Comes Clean About Recent Hack and Paid Ransom

Summary of article from Ars Technica, by Dan Goodin:

Change Healthcare, a US health care services provider, was attacked by ransomware group ALPHV or BlackCat, disrupting the US prescription market for two weeks. The breach occurred due to a compromised account that lacked multifactor authentication (MFA), allowing hackers to access and exfiltrate data. The company paid a ransom of $22 million to ALPHV and spent two weeks rebuilding its IT infrastructure. The attack resulted in a cost of $872 million in the first quarter, leading to accelerated payments and no-interest, no-fee loans of over $6.5 billion to affected providers. Currently, the company’s payment processing is at 86% of its pre-incident levels.

Categories
Health Law Highlights

HHS Extends the Antidiscrimination Provisions of the Affordable Care Act to Patient Care Decision Support Tools, Including Algorithms

Summary of article from Epstein Becker Green, by Bradley Merrill Thompson:

The Office of Civil Rights (OCR) has published its final rule on algorithmic discrimination by payers and health care providers. The rule, based on section 1557 of the Affordable Care Act, prohibits discrimination on the basis of race, color, national origin, sex, age, or disability through the use of patient care decision support tools. Covered entities are required to identify and mitigate the risk of discrimination in these tools, with larger, more sophisticated organizations held to a higher compliance standard. The rule applies to both automated and non-automated tools and is set to become effective 300 days after its publication. OCR is also considering additional rulemaking to expand the scope of the regulation.