Categories
Health Law Highlights

Navigating Tax Due Diligence in Healthcare Acquisitions

Summary of article from VMG Health, by Grayson Terrell, CPA; Joe Scott, CPA; Lukas Recio, CPA; Wayne Prior, CPA; and the Baker Tilly team:

Healthcare M&A transactions require a collaborative approach between financial and tax due diligence experts to identify potential problems and their tax consequences, which can impact the deal structure and negotiation process. Tax considerations, such as whether a sale is taxable or tax-free, greatly influence the structure of a sale. The tax entity type of the target (S corporation, Partnership, or C corporation) is crucial to understand as it affects the arising tax issues. Common healthcare tax due diligence issues include improper independent contractor classification, unclaimed property, improper treatment of owner personal expenses, unreasonable owner compensation, related-party transactions, cash vs. accrual accounting method, pass-through entity tax, 20 percent deduction under Section 199A, built-in gains tax, and non-resident withholding. Each of these issues requires careful consideration and vetting to avoid potential adverse tax implications for the buyer.

Categories
Health Law Highlights

Some Nurses Have a Deep Distrust of AI – but Transparency and Training Could Help

Summary of article from Healthcare IT News, by Andrea Fox:

The California Nurses Association (CNA) has protested against the use of artificial intelligence (AI) in healthcare by Kaiser Permanente, citing concerns over patient safety, job displacement, and the devaluation of nursing practice. The CNA demands that workers and unions be involved in the development and deployment of AI in healthcare. Meanwhile, Kaiser Permanente argues that AI can improve patient care, citing a program that reportedly saved approximately 500 patient lives annually. A recent report revealed that many nurses are uncomfortable with AI, with concerns ranging from lack of empathy to data security. The report suggests that for successful AI implementation, healthcare organizations should prioritize transparency, training, communication, and feedback.

Categories
Health Law Highlights

What Parkland Can Teach Other Hospitals About AI in Health Care

Summary of article from Dallas Morning News:

Parkland Health is actively utilizing artificial intelligence (AI) in medical practices, including trauma patient treatment and assisting doctors with paperwork. The technology analyzes patient data and updates survival probabilities in real time, while also transcribing doctors’ notes. Despite potential AI biases and inaccuracies, Parkland mitigates these risks through regular model reviews. The hospital, an early adopter of electronic health records and a member of Duke University’s Health AI partnership corps, has leveraged AI to predict patient needs and manage patient loads. Being a public hospital, Parkland strategically implements thoroughly vetted AI tools or collaborates with the Parkland Center for Clinical Innovation on new technologies.

Categories
Health Law Highlights

FDA Finalizes Rule Regulating Laboratory Developed Tests

Summary of article from Polsinelli, by Suzanne Bassett, Michael Gaba:

The FDA’s Final Rule regulating Laboratory-Developed Tests (LDTs) was published on May 6, 2024, and is expected to take effect in 60 days. The rule expands the definition of in vitro diagnostics (IVDs) to include LDTs and will significantly alter the regulatory landscape for LDTs, impacting manufacturers, patients, and healthcare providers. Despite over 6,500 comments, no substantial changes were made from the Proposed Rule to the Final Rule, but there were significant adjustments to enforcement discretion policies. The rule is expected to face legal challenges and potential legislative action from Congress. The Final Rule applies to all IVDs offered as LDTs, regardless of whether the test meets the traditional definition.

Categories
Health Law Highlights

How HHS OCR Is Boosting HIPAA Enforcement; Here Come Audits

Summary of article from BankInfo Security, by Marianne Kolbasuk McGee:

The Department of Health and Human Services (HHS) is working on a proposed update to the HIPAA Security Rule and intensifying enforcement efforts, including resuming HITECH Act HIPAA audits. The focus is on the requirement for risk analysis, a significant weakness among regulated organizations, contributing to many breaches. HHS plans to update the HIPAA Security Rule by the end of the year to reflect technological and healthcare delivery changes over the last two decades. Despite its scalability and technology-neutral nature, the rule’s 20-year-old framework doesn’t reflect current healthcare practices, necessitating the integration of practices like end-to-end encryption. Additionally, the HHS has reopened HITECH audits and is proactively conducting them.

Categories
Health Law Highlights

Do Cosmetic Injections Involve The Practice Of Medicine?

Summary of article from Hendershot & Cowart, by Keith Lefkowitz:

Cosmetic injections, such as Botox and dermal fillers, are considered the practice of medicine in Texas and can only be performed under the authority of a physician. Texas law has seen a series of criminal cases involving unlicensed practice of medicine and cosmetic injections, resulting in serious consequences. Practicing medicine without a license is a crime in Texas, with penalties ranging from state jail felonies to third degree felonies, depending on the harm caused. The Texas Medical Board and Attorney General can also impose civil penalties and issue cease-and-desist orders. Therefore, healthcare providers and med spa owners are advised to consult with a healthcare attorney to ensure regulatory compliance and patient safety.

Categories
Health Law Highlights

A Comprehensive Guide to Creating a Sustainable Cookie Program

Summary of article from IAPP, by Jodi Daniels, CIPP/US:

Managing cookies is essential for compliance with privacy and data protection laws worldwide. Establishing a cookie governance program involves designating roles for program leadership, creating a comprehensive policy for cookie use and removal, and implementing systems to manage user consent. Regular audits and privacy impact assessments for new cookie use are necessary to ensure ongoing compliance. Employees should be trained on the cookie program and privacy practices, and privacy notices must accurately reflect the company’s cookie practices. As technologies and privacy laws evolve, businesses should regularly review and update their cookie governance program to maintain compliance.

Categories
Health Law Highlights

UnitedHealth Paid Hackers $22 Million Ransom

Summary of article from CNBC, by Ashley Capoot:

UnitedHealth Group confirmed the company paid a $22 million ransom after hackers breached its subsidiary, Change Healthcare, affecting the healthcare sector broadly. The breach left many doctors unable to fill prescriptions or get paid for their services temporarily. Witty revealed that the cybercriminals accessed Change Healthcare through a server that lacked multi-factor authentication, a security measure now implemented across all UnitedHealth’s external-facing systems. The breach compromised files containing protected health information and personally identifiable information, with a data review ongoing. UnitedHealth is working with regulators to assess the breach and notify affected individuals, while also implementing measures to prevent future cyberattacks.

Categories
Health Law Highlights

Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits

Summary of article from GovInfo Security, by Marianne Kolbasuk McGee:

Ernest Health, a Texas-based operator of rehabilitation hospitals, is facing multiple federal proposed class action lawsuits following a ransomware attack that potentially compromised the sensitive information of over 101,000 individuals across several states. The company reported 33 separate breaches involving a network server and a HIPAA business associate at rehabilitation and long-term care hospitals in 12 states. The lawsuits allege that Ernest Health’s negligence in failing to protect sensitive personal information puts the plaintiffs at risk of identity theft and other crimes. The compromised information includes names, addresses, birthdates, medical record numbers, health insurance plan member IDs, claims data, diagnosis, and prescription information, with some Social Security numbers and driver’s license numbers also affected. In response to the incident, Ernest Health has implemented additional safeguards and technical security measures to further protect and monitor its systems.

Categories
Health Law Highlights

How ACOs Can Harness AI’s Transformative Potential

Summary of article from MedCity News, by Theresa Hush:

Artificial intelligence (AI) is revolutionizing various sectors, including healthcare, by improving diagnoses, personalizing medicine, and developing less-invasive procedures. However, its application in accountable care organizations (ACOs) remains limited, mainly to patient-checking bots and robotic assistants, without fully exploring AI’s potential for predictive healthcare and cost reduction. ACOs face challenges in data aggregation and utilization, often relying on retrospective claims data rather than forward-thinking clinical data insights, hindering significant improvements in patient outcomes and cost savings. To leverage AI effectively, ACOs need to aggregate comprehensive data from all provider EHRs, build clinically rich data substrates, and share data with providers. Thus, integrating AI with electronic health records can offer ACOs opportunities to improve patient health outcomes and reduce costs.