Fitch Ratings reports that the Federal Trade Commission’s (FTC) new rule banning non-compete clauses could cause staffing issues for not-for-profit (NFP) hospitals already grappling with wage increases. The rule, which is set to take effect 120 days after its April 30, 2024, publication in the Federal Register, has already faced legal challenges. It could potentially increase wage pressure and introduce operational instability due to higher staff turnover, especially in smaller or rural NFP hospitals. The impact of the rule, if it survives court challenges, is expected to be felt in 2025. This development, along with other factors like minimum wage laws and increased scrutiny of hospital mergers and acquisitions, could sustain pressure on the sector.
Summary of article from IAPP, by Jodi Daniels, CIPP/US:
Managing cookies is essential for compliance with privacy and data protection laws worldwide. Establishing a cookie governance program involves designating roles for program leadership, creating a comprehensive policy for cookie use and removal, and implementing systems to manage user consent. Regular audits and privacy impact assessments for new cookie use are necessary to ensure ongoing compliance. Employees should be trained on the cookie program and privacy practices, and privacy notices must accurately reflect the company’s cookie practices. As technologies and privacy laws evolve, businesses should regularly review and update their cookie governance program to maintain compliance.
Summary of article from CNBC, by Ashley Capoot:
UnitedHealth Group confirmed the company paid a $22 million ransom after hackers breached its subsidiary, Change Healthcare, affecting the healthcare sector broadly. The breach left many doctors unable to fill prescriptions or get paid for their services temporarily. Witty revealed that the cybercriminals accessed Change Healthcare through a server that lacked multi-factor authentication, a security measure now implemented across all UnitedHealth’s external-facing systems. The breach compromised files containing protected health information and personally identifiable information, with a data review ongoing. UnitedHealth is working with regulators to assess the breach and notify affected individuals, while also implementing measures to prevent future cyberattacks.
Summary of article from GovInfo Security, by Marianne Kolbasuk McGee:
Ernest Health, a Texas-based operator of rehabilitation hospitals, is facing multiple federal proposed class action lawsuits following a ransomware attack that potentially compromised the sensitive information of over 101,000 individuals across several states. The company reported 33 separate breaches involving a network server and a HIPAA business associate at rehabilitation and long-term care hospitals in 12 states. The lawsuits allege that Ernest Health’s negligence in failing to protect sensitive personal information puts the plaintiffs at risk of identity theft and other crimes. The compromised information includes names, addresses, birthdates, medical record numbers, health insurance plan member IDs, claims data, diagnosis, and prescription information, with some Social Security numbers and driver’s license numbers also affected. In response to the incident, Ernest Health has implemented additional safeguards and technical security measures to further protect and monitor its systems.
Summary of article from MedCity News, by Theresa Hush:
Artificial intelligence (AI) is revolutionizing various sectors, including healthcare, by improving diagnoses, personalizing medicine, and developing less-invasive procedures. However, its application in accountable care organizations (ACOs) remains limited, mainly to patient-checking bots and robotic assistants, without fully exploring AI’s potential for predictive healthcare and cost reduction. ACOs face challenges in data aggregation and utilization, often relying on retrospective claims data rather than forward-thinking clinical data insights, hindering significant improvements in patient outcomes and cost savings. To leverage AI effectively, ACOs need to aggregate comprehensive data from all provider EHRs, build clinically rich data substrates, and share data with providers. Thus, integrating AI with electronic health records can offer ACOs opportunities to improve patient health outcomes and reduce costs.
Summary of article from Bloomberg Law, by Annelise Gilbert:
The US Patent and Trademark Office (USPTO) has proposed a rule that would create a repository for all settlement agreements related to patent challenges, potentially exposing pharmaceutical companies to antitrust scrutiny. The proposed rule would expand the requirements for companies to file detailed reports after reaching a settlement. The new requirement could assist the FTC and DOJ in determining if antitrust laws have been violated, and may also give non-agency third parties expanded access to the agreements. The proposal has raised concerns in the pharmaceutical industry about the disclosure of confidential agreements and potential antitrust investigations. The rule aligns with an executive order from President Joe Biden encouraging federal agencies to cooperate in policing anticompetitive practices.
Summary of article from AP News, by Zeke Miller, Joshua Goodman, Jim Mustian, Lindsay Whitehurst:
The U.S. Drug Enforcement Administration (DEA) plans to reclassify marijuana as a less dangerous drug, recognizing its medical uses and lower potential for abuse. The proposal, pending review by the White House Office of Management and Budget, would move marijuana from a Schedule I to a Schedule III drug but would not legalize it for recreational use. This change follows President Biden’s call for a review of federal marijuana law and his efforts to pardon Americans convicted of simple possession. Critics argue the move could lead to harmful side effects and that marijuana should be treated like alcohol instead. Despite the change, marijuana would still be a controlled substance and subject to federal regulations.
Summary of article from AP News, by Matthew Perrone:
The Federal Trade Commission (FTC) is challenging patents on 20 brand-name drugs, including Ozempic, as part of the Biden administration’s efforts to target pharmaceutical industry practices that inflate prices. The FTC alleges that patents filed by companies such as Novo Nordisk, GlaxoSmithKline, and AstraZeneca are inaccurate or misleading. These patents, often used to prevent competition from cheaper generic medicines, are being scrutinized as they contribute to high prescription drug costs. This move follows a similar action in September when regulators challenged over 100 patents held by drug manufacturers. The companies have 30 days to withdraw or update their patent listings, or certify their legitimacy under penalty of perjury.
Summary of article from VMG Health, by Cordell J. Mack:
Hospitals and health systems have been integrating with physician groups in an effort to improve healthcare quality, service, and efficiency, with mixed results. Despite this, health system employment of physicians continues to rise, currently accounting for over 50% of all practicing physicians. However, the multispecialty group structure commonly used in these systems presents challenges, including financial misalignment across subspecialties and inconsistent financial reporting. VMG Health suggests an alternative approach involving reorganization of physician enterprise offerings within integrated delivery systems, focusing on improved governance, financial reporting, and physician loyalty. This evolving landscape of physician organizational structures within health systems aims to enhance operational efficiency, growth, and care delivery.
Summary of article from Specialty Pharmacy Continuum, by Karen Blum:
Pharmacies, both large and small, are increasingly targeted by sophisticated cyberattacks due to their databases of patient financial and health information. The breaches can lead to identity theft and drug diversion, with hackers using advanced tactics to gain access to data. To mitigate these risks, pharmacies should establish a robust cybersecurity plan, keep it updated, and conduct regular staff training. Vetting vendors for their data protection measures and having a contingency plan for data breaches are also crucial. In case of a breach, pharmacies should comply with all legal requirements, including notifying affected individuals and the Federal Trade Commission.