Skip to the contentAccountable Care Organizations
- Health policy experts anticipate the second Trump administration will revive the Geographic Direct Contracting Model that was suspended by the Biden administration before implementation. The model would assign entire geographic regions to accountable entities responsible for managing care and costs for all Medicare beneficiaries in those areas, unlike current models that focus only on patients already connected to participating providers. Authors recommend modifications including leveraging Medicare’s 1.3 percent administrative costs rather than replacing them with private insurance overhead of 12-15 percent, starting with modest discount requirements of 1-2 percent instead of the original 3-5 percent, and building on existing provider-led ACOs rather than insurance companies. The successor ACO REACH program generated $1.6 billion in gross savings and $695 million in net savings to CMS in 2023, with 73 out of 83 participating ACOs meeting continuous improvement requirements. The authors argue a revised model could combine Medicare’s efficiency with population health innovations while serving as regional sentinels against fraud, waste, and abuse. Source: Health Affairs
AI Transcription
Antitrust
- Washington and Colorado will require companies filing Hart-Scott-Rodino premerger notifications to simultaneously submit copies to state attorneys general starting this summer. Washington’s law takes effect July 27, 2025, while Colorado’s becomes effective August 6, 2025, applying to companies with their principal place of business in the state or with annual net sales of at least $25.28 million in goods or services involved in the transaction. The laws impose no filing fees but carry penalties of up to $10,000 per day for non-compliance, and they do not create waiting periods that would prevent deal closings. Both states based their legislation on the Uniform Antitrust Premerger Notification Act approved by the Uniform Law Commission in July 2024, which provides a model for state attorneys general to receive HSR filings at the same time as federal antitrust agencies. Hawaii, West Virginia, District of Columbia, California, and New York are considering similar legislation, with New York’s proposed law extending beyond the model act to require all businesses conducting operations in the state to file with the attorney general. Source: Hogan Lovells
Business Entities
- Texas enacted two bills in May 2025 that reshape corporate governance to attract businesses away from Delaware. Senate Bill 29, effective immediately, codifies the business judgment rule for directors and officers, allows companies to require internal disputes be heard exclusively in Texas courts, permits jury trial waivers, and restricts shareholder inspection rights to exclude emails and social media unless they directly relate to corporate actions. The law also requires minimum ownership thresholds of up to 3% for derivative suits and prohibits attorney fee awards in disclosure-only cases. Senate Bill 1057, effective September 1, 2025, imposes stricter requirements on shareholder proposals by mandating that shareholders hold $1 million in market value or 3% of voting stock for at least six months and solicit 67% of voting power. These changes position Texas to compete with Delaware in the corporate law space as states seek to attract incorporation business. Source: Seyfarth Shaw LLP
Compassionate Use
- Texas expanded its medical cannabis program through HB 46, which Governor Greg Abbott signed into law on June 21, 2025. The law, effective September 1, 2025, adds chronic pain, Crohn’s disease, traumatic brain injury, terminal illnesses, and hospice care as qualifying conditions. The legislation increases THC limits from 1% by weight to 10 milligrams per dose with packages not exceeding 1 gram of THC, and expands delivery methods to include lotions, patches, suppositories, and non-smoked inhalation devices. The Department of Public Safety will issue 12 additional licenses for dispensing organizations, bringing the total to 15, while the Texas Board of Pharmacy will monitor dispensed cannabis through the Prescription Monitoring Program. Patient recommendations remain valid for one year with four 90-day refills, and patient registry information stays confidential with access limited to the department, registered physicians, and dispensing organizations. Source: Marijuana Policy Project
Concierge Medicine
Data Privacy
- Colorado and California became the first US states to enact privacy laws governing neural data in 2024, with at least six other states now proposing similar legislation. The two states took different approaches, with Colorado requiring opt-in consent before collecting neural data while California only provides consumers with limited opt-out rights for uses beyond requested services. Current federal laws like HIPAA provide minimal protection for neural data, covering it only when collected by healthcare entities. Connecticut, Illinois, Massachusetts, Minnesota, Montana, and Vermont have pending bills that vary in scope, with some treating neural data as biometric information and others creating standalone protections. Companies collecting neural data from brain-computer interfaces and neurotechnology devices face compliance challenges due to the inconsistent state-by-state regulatory approach. Source: Arnold & Porter
- Healthcare organizations face mounting cybersecurity threats as data breach costs reach $4.88 million globally, representing a 10 percent increase from the previous year. Electronic health records containing protected health information have become prime targets for cybercriminals using phishing and ransomware attacks. Generative AI tools are expanding the attack surface by introducing vulnerabilities through flawed code, data exposure risks, and threats like prompt injection and deep fakes. A HIMSS/Trimex study reveals that 74 percent of healthcare organizations feel understaffed to handle rising cyber threats. Healthcare providers must implement staff education programs, physical and technical security controls, data encryption, role-based access control, and vetted third-party partnerships while achieving HITRUST certification as the gold standard for data security compliance. Source: HIT Consultant
Eliminating Kickbacks in Recovery Act
Fraud & Abuse
- UnitedHealth Group disclosed Thursday it faces criminal and civil investigations from the Department of Justice. The company said in an SEC filing it was complying with DOJ requests and had reached out to the department after media reports about probes into its Medicare practices. The investigation adds to a year of challenges for the healthcare company, which became the worst performer on the Dow Jones Industrial Average during the first half of 2025 following the fatal shooting of CEO Brian Thompson and the departure of the company’s CEO in May. The Wall Street Journal previously reported the DOJ’s healthcare-fraud unit was investigating possible Medicare fraud at the company, along with potential antitrust violations and Medicare billing practices. UnitedHealth’s stock declined 1.5 percent in morning trading following the announcement, though the company maintains it has “full confidence” in its practices. Source: ABC News
Medical Debt
- A federal court has vacated the Consumer Financial Protection Bureau’s Medical Debt Rule after finding the agency exceeded its authority under federal law. The United States District Court for the Eastern District of Texas approved a consent judgment this month, ruling that the CFPB violated the Fair Credit Reporting Act and the Administrative Procedure Act when it finalized the rule in January 2025. The rule would have prohibited credit reporting agencies from including any medical debt information in consumer reports and barred creditors from considering such information in credit decisions. Trade associations representing credit unions and consumer data industries challenged the rule, and the CFPB under new leadership agreed with the challengers. The decision restores the framework where credit reporting agencies can report coded medical debt information that protects patient privacy. Source: Health Care Law Matters
Medicare Reimbursement
- CMS released the calendar year 2026 Medicare Physician Fee Schedule and Quality Payment Program proposed rule that establishes different payment rates for physicians based on their participation in alternative payment models. The proposed conversion factor for qualifying alternative payment model participants is $33.59, representing a 3.83% increase, while non-participants would receive $33.42, a 3.62% increase from 2025. CMS proposes applying a -2.5% efficiency adjustment to work relative value units for non-time-based services, excluding evaluation and management services, care management, behavioral health, and telehealth services. The agency will recognize higher indirect practice expense costs for office-based practitioners compared to facility settings due to the decline in private practice physicians. CMS also introduced a mandatory Ambulatory Specialty Model for specialists treating low back pain or heart failure that will assess individual physicians on quality metrics and apply payment adjustments ranging from -9% to +9% from 2027 through 2031. Source: AAMC
- CMS launched the WISeR model in June, using artificial intelligence to review Medicare payments for select services during a six-year pilot program from January 2026 to December 2031. The program applies only to original Medicare plans and initially covers skin and tissue substitutes, electrical nerve stimulator implants, and knee arthroscopy for osteoarthritis, while excluding emergency services and treatments that pose risks if delayed. Model participants receive compensation based on a percentage of savings from denied services, raising concerns about financial incentives for denials given that similar AI programs have faced lawsuits where over 90% of denials were later overturned on appeal. A Senate subcommittee report from October 2024 found that Medicare Advantage plans using predictive analysis increased automatic denials for post-acute services without regard to patient need. Providers can earn “gold card” status to become exempt from reviews by demonstrating high authorization approval rates, and experts recommend that providers engage with CMS during the pilot phase and monitor denial patterns for algorithm errors. Source: Phelps Dunbar LLP
Reproductive Rights
Skilled Nursing Facilities
- CMS has extended the deadline for skilled nursing facilities to submit enhanced ownership disclosure requirements from August 1, 2025, to January 1, 2026. The new guidance implements Section 1124(c) of the Social Security Act through a revised Form CMS-855A that requires SNFs to disclose detailed information about governing body members, additional disclosable parties with operational or financial control, and organizational structures of related entities. The enhanced requirements, effective October 1, 2024, apply to all SNFs enrolling, revalidating, reactivating, or undergoing ownership changes, expanding beyond current Section 1124(a) disclosures to include parties providing management services, leasing real property, or exercising control over facility operations. All SNFs must complete revalidation applications by the uniform January 1, 2026 deadline regardless of when they received notification letters from Medicare Administrative Contractors. SNFs experiencing difficulty obtaining required information from third parties must document maximum feasible efforts to secure the data before notifying their contractors of any gaps. Source: CMS Guidance for SNF Attachment on Form CMS-855A
- The HHS Office of Inspector General imposed over $1.6 million in penalties against 20 healthcare facilities for employing individuals excluded from federal healthcare programs. On May 29, 2025, HHS-OIG announced a $1,565,374.11 settlement with 19 skilled nursing facilities across California, Texas, Ohio, and Nevada to resolve allegations that they knew or should have known they employed excluded individuals who provided services billed to federal programs. The agency also reached a separate $35,597.37 settlement with CareLink Home Health, LLC in Illinois for employing an excluded individual who worked as a nurse and case manager while on the exclusions list. HHS-OIG excludes individuals and entities from Medicare and Medicaid programs for various reasons, with exclusion periods ranging from discretionary terms to permanent bans for repeat offenders. Healthcare organizations must check the HHS-OIG List of Excluded Individuals/Entities before hiring new employees or vendors and conduct regular checks of current staff to avoid civil monetary penalty liability. Source: HIPAA Journal
