Health Law Advisor

Thought Leaders On Laws And Regulations Affecting Health Care And Life Sciences

Hobby Lobby Update

LinkedIn Tweet Like Email Comment

An update on Hobby Lobby by our colleague Stuart Gerson.

In the wake of the Hobby Lobby ruling with respect to the Affordable Care Act’s contraceptive coverage mandate, the Administration (which already has taken steps to fund contraception for employees affected by their employers’ exemption) is attempting also to deal with the issue by a recently-published DHHS regulation setting forth the procedures that “religious” employers might follow to gain exemption from having to provide contraceptive coverage in their sponsored health plans. The proposed rule covers both religious not-for-profits and closely held religious for-profits.

The not-for-profit element has been spawned by religious employers, particularly Notre Dame University and the Little Sisters of the Poor Order, who have challenged the requirement that the ACA allows them to sign a form indicating their objection under a process that allows their employees to obtain contraceptives without the employer paying. These plaintiffs object even to signing the form, which they claim aids and abets the employees’ getting coverage.  The 7th Circuit ruled against them and they have petitioned for cert. The proposed reg would seem to moot the case as it provides that all the non-profit has to do is notify DHHS in writing and the government will do the rest.  One guesses that the plaintiffs won’t accept even this but that the Supreme Court will.

In the Hobby Lobby context  of closely held religiously motivated corporations, the proposed reg would treat them in the same way that non-profits would be treated, which the government believes would be the less-restrictive manner that the Supreme Court’s opinion would allow. The significant open question that remains is how to define how closely held such a company must be to qualify for the exemption. The proposed reg sets forth several possible definitions.

The public comment period runs until October 21

 

Expect Increased OCR HIPAA Security Rule Enforcement for Mobile Devices

LinkedIn Tweet Like Email Comment

By Adam Solander, Ali Lakhani and Wenxi Li

The increasing prevalence of mobile technology in the healthcare sector continues to create compliance concerns for physician practices and other health care entities.  While the Office of Civil Rights (OCR) of the Department of Health and Human Services, has traditionally focused on technology breaches within larger health systems, smaller physician practices and health care entities must also ensure that their policies and practices related to mobile technology do not foster non-compliance and create institutional risk.

Physicians Integrate Mobile Technology Into Daily Practice

The Physicians Practice’s 2014 Technology Survey found that only 31 percent of more than 1,400 survey respondents reported implementing policies and rules to address bring your own device (“BYOD”) practices.  With more than 80 percent of doctors using mobile devices at work and integrating their personal devices into their professional practice, these devices could potentially represent a significant privacy and security risk.

Traditional Safeguards Undermined By “Anywhere” Access

The HIPAA Security Rule applies when any protected health information (PHI) is accessed and communicated through a mobile device, such as texting a patient’s name and phone number for follow-up calls.  In the annual OCR report to Congress on breaches of unsecured PHI for calendar years 2011 and 2012, OCR reported that information loss or theft from mobile devices was among the top three sources of breached PHI in 117 of the 222 reported breaches in 2012. Additionally, the Physicians Practice’s 2014 Technology Survey indicated that only 61 percent of the respondents surveyed reported securely backing data on a second server or via another method, thereby not complying with the HIPAA Security Rule which requires covered entities to create and maintain retrievable copies of electronic protected health information (ePHI).

OCR Enforcement Areas, Especially Among Small Breaches, Continue to Grow

OCR officials routinely remind covered entities and business associates to understand their obligations with respect to mobile device security – obligations that continue to become more complex to satisfy as the use of mobile technology in the workplace proliferates.  Simultaneously, OCR continues to increase enforcement of data breaches by entities subject to the HIPAA Security Rule. Significantly, this enforcement expansion has included smaller entities and breaches affecting fewer than 500 individuals.  OCR expects HIPAA Security Rule enforcement to continue its trend and increase going forward in 2014

Be Prepared

Physician practices and health care entities should conduct a thorough risk assessment which addresses the use of mobile devices and storage of mobile device data in their environment.  Additionally, policies and procedures should be developed to manage the risk associated with mobile devices to a business tolerable level.  Risk management plans and security evaluations should be updated and conducted periodically.  Additionally, physician practices and health care entities must remember that their business associates must also comply with the HIPAA Security Rule.  Thus, some diligence on the use of mobile devices in their business associates environment is advisable.  In practice, over 20 percent of HIPAA data breaches have been traced to noncompliant business associates. While the risk may be significant, with proper staff training to identify and address questionable HIPAA behaviors, physician practices and health care entities can minimize the risk of OCR enforcement and large settlement costs associated with mobile devices.

 

Reviewing Trends in PHI Breaches & Enforcement

LinkedIn Tweet Like Email Comment

By Patricia WagnerAli Lakhani and Jonathan Hoerner

 

On May 20, 2014, the Secretary of the Department of Health and Human Services (HHS) submitted the agency’s Annual Report to Congress on Breaches of Unsecured Protected Health Information for Calendar Years 2011 and 2012 (“Breach Report”). This report provides valuable insight for healthcare entities regarding their data security and enforcement priorities.

Section 13402(i) of the Health Information Technology for Economic and Clinical Health Act (HITECH) requires the Secretary of Health and Human Services to prepare an annual report regarding the number and nature of breaches report to HHS, as well as the actions taken in response to those breaches.

By way of background, HITECH requires that both covered entities and business associates (as defined under HIPAA) provide notifications after a breach of unsecured protected health information (PHI).  These required notifications include the affected individuals, HHS, and also media outlets in cases where the breach includes more than 500 residents of a state or jurisdiction.  However, HHS has issued guidance explaining that encryption and destruction make PHI “unusable, unreadable, or indecipherable to unauthorized persons” and, thus, loss of such secured PHI does not trigger the breach notification requirements.

Report Findings

                Healthcare providers accounted for the majority of breaches affecting 500 or more individuals in both 2011 and 2012 while business associates and health plans accounted for the remainder, as illustrated below.

Breaching Entity 2011 2012 Change
Providers 63% 68% 5%
Business Associates 27% 25% (2%)
Health Plans 10% 7% (3%)
Total 100% 100% -

 

Theft of PHI was the leading cause of a breach in both 2011 and 2012 followed by loss of PHI and unauthorized access/disclosures.  In 2011, theft was the cause for 24% of the total number of individuals affected by a breach and loss accounted for 54% of individuals affected. This high affected rate due to loss was the result of single breach incident involving a business associate and loss of back-up tapes containing information on 4.9 million individuals. In 2012, the causes of breach returned to expected rates with 36% of individuals affected due to theft and 13% due to loss. The below tables outline the frequency of breach causes in 2011 and 2012 as well as the sources of the breached information in each year.

 

Causes of Data Breach 2011 2012
Theft 50% 52%
Loss of PHI 17% 12%
Unauthorized Access 19% 18%
Hacking/IT incident 8% 27%

 

Sources of Breach 2011 2012 Change
Laptop 20% 27% 7%
Paper 27% 23% (4%)
Server 9% 13% 4%
Desktop Computer 14% 12% (2%)
Other Portable Device 13% 9% (4%)
Email 1% 4% 3%
Electronic Medical Records 2% 2% 0
Other 14% 10% (4%)

 

Audit Information

HITECH authorizes and requires HHS to conduct periodic audits of covered entities and business associates to ensure compliance with HIPAA rules. Unlike compliance reviews (which occur after a major breach) or compliance investigations, these audits are not triggered by an adverse event or incident.  Instead, they are “based on application of a set selection criteria.”

The Office for Civil Rights (OCR) (the office within HHS that is responsible for administering the Breach Notification Rules) implemented a pilot program of the audit process to assess the privacy and security compliance which was described in the Breach Report. The audit revealed that 31 out of 101 audited entities had at least one negative audit finding related to the Breach Notification Rule.  Specifically, the audit examined the following four areas:  (1) notification to individuals, (2) timeliness of notification, (3) methods of individual notification, and (4) burden of proof.  All four areas had a similar number of deficiencies noted.

Implications and Recommendations for Healthcare Entities

Breaches involving 500 or more individuals accounted for less than 1% of reports filed with HHS, yet represent almost 98% of the individuals affected by a PHI breach.  It is likely that OCR will continue investing significant resources into large scale PHI breaches due to the extensive impact of these breaches. Additionally, theft remains one of the top causes of PHI breaches and covered entities and business associates must take appropriate measures to ensure that any PHI stored or transported on portable electronic devices is properly safeguarded.  Chronic vulnerabilities include:

Encryption: Even if a device is stolen or misplaced, the Breach Notification Rule will not apply if the data is properly encrypted. Thus, it is imperative that covered entities and business associates encrypt portable electronic devices (such as laptops) and all CDs or USB thumb drives.

Access Control: Healthcare entities must pay close attention to the physical access to and proper disposal of devices that contain PHI.  Server rooms should be locked with limited access, and the physical access to buildings, floors, and offices should be secured to prevent theft of desktop computers containing PHI.

Disposal: Electronic devices need to be purged and the data securely erased (also known as “scrubbed”) prior to the device being discarded, recycled, sold, or transferred to a third party, such as a leasing company.  Such devices include computers, external storage media, and photocopiers.

Lastly, as explained in the Breach Report discussion of OCR’s audit pilot program, covered entities most often explain noncompliance with the various aspects of the Breach Notification Rule by pleading unawareness of the requirements of the Rules. Covered entities and business associates should ensure that comprehensive privacy and security policies and procedures are developed and implemented to mitigate the risks of a breach and to effectively respond to a breach should one occur.

Complimentary Webinar to Examine Population Health Strategies for Employer-Based Coverage

LinkedIn Tweet Like Email Comment

Epstein Becker Green and EBG Advisors, as part of the Thought Leaders in Population Health Speaker Series, will host a complimentary webinar in August on emerging trends in value-based purchasing in health care. The session, Population Health Strategies for Employer-Based Coverage, will assess how employers and other health plan sponsors are developing new programs to promote enhanced clinical and financial outcomes for the groups and populations they manage. In particular, speakers will highlight how the Affordable Care Act (ACA) is influencing population health management strategies for employer-based coverage.

The webinar, scheduled for August 26, 2014, at 12:00 p.m. ET, will be led by two thought leaders from the Health Care Incentives Improvement Institute (HCI3): Francois de Brantes, MS, MBA, Executive Director; and Douglas Emery, MS, Program Implementation Leader, Western Region. Gretchen K. Young, Senior Vice President, Health Policy, The ERISA Industry Committee (ERIC), will also serve as a panelist and Adam Solander, Associate, Epstein Becker Green, will moderate the session. To register, click here.

During the webinar, the panelists will discuss:

  • How ACA’s Cadillac tax on health benefits is changing the way employers pay for insurance coverage and how employees access and use insurance and wellness benefits.
  • How employers are creating and implementing new incentive programs to align prudent purchasing with proper care management techniques.
  • Emerging legal and reporting requirements based upon ACA and state requirements.

The Thought Leaders in Population Health Speaker Series offers participants informative and insightful guidance on how population health strategies are transforming the health care paradigm as the industry moves towards measurement and management of integrated delivery systems such as accountable care organizations (ACOs). All previous webinar programs can be viewed online. To register for this session, please click here.

“The Population Health Webinar Series attempts to find some common ground for health care professionals and other health care stakeholders by identifying best practices and creating a call to action for collaboration and outcomes improvement nationwide,” says Mark Lutes, Chair of Epstein Becker Green’s Board of Directors. “From the Affordable Care Act and data analytics to advancement in health IT systems, a number of factors are having a significant impact on the health care delivery system.”

________________________

The Speakers

Francois de Brantes, MS, MBA, Executive Director, Health Care Incentives Improvement Institute

As Executive Director of HCI3, Mr. de Brantes is responsible for setting and implementing the strategy of the organization. This includes supervising the implementations of Bridges To Excellence and PROMETHEUS Payment pilots, leading the development of new programs, and designing incentive efforts for employers, health plans and provider organizations.

Previously, Mr. de Brantes was the Program Leader for various health care initiatives at GE Corporate Health Care Programs, responsible for developing the conceptual framework and the implementation of GE’s Active Consumer strategy.

Mr. de Brantes attended the University of Paris IX – Dauphine where he earned a MS in Economics and Finance. After completing his military service as a platoon leader in a Light Cavalry Regiment, he attended the Tuck School of Business Administration at Dartmouth College, where he graduated with an MBA.

Douglas Emery, MS, Program Implementation Leader, Health Care Incentives Improvement Institute

Mr. Emery serves the Operations Manager for the Western Region for HCI3. He has been working in health care reform policy for over 15 years. Beginning in 1991, at the Institute of Political Economy, he and other colleagues began to work out a new microeconomic model for health care economics and episode of care purchasing.

Since then, Mr. Emery has worked in the public sector (Public Employees Health Program of Utah) and the private sector as an executive and consultant (Oxford Health Plans, HealthSouth, HealthMarket, Medstat, Definity Health, and others).  Mr. Emery has published many articles and two books on moving toward a more consumer-directed model and episode purchasing.

Gretchen K. Young, Senior Vice President, Health Policy, the ERISA Industry Committee

Ms. Young is the Senior Vice President, Health Policy, for the ERISA Industry Committee (ERIC). She works in Washington, D.C., where her primary responsibilities include working as a registered Congressional lobbyist on federal health issues and monitoring the work of Congress and the executive agencies with respect to health benefits.

Her primary focus over the past two years has been the Affordable Care Act and the accompanying regulations. She also has devoted considerable time and attention to employer wellness programs and the threats to them posted by the Genetic Information Nondiscrimination Act and the Americans with Disabilities Act.

Prior to her work at ERIC, Ms. Young covered both retirement and health issues for several large consulting forms. She has worked for over 25 years in the employee benefits field, including stints at three federal agencies that regulate ERISA plans – IRS, PBGC, and DOL.

Adam Solander, Associate, Epstein Becker Green

Session moderator Mr. Solander is an associate of Epstein Becker Green’s Health Care and Life Sciences practice, in the firm’s Washington, DC office. Mr. Solander advises health care clients on issues concerning ERISA preemption, obligations of plan fiduciaries and breach of fiduciary duties, prohibited transactions, and denial of benefits. He is also has experience advocating on behalf of health care trade associations and disease-specific patient advocacy groups, to the Congressional and Executive branches.

To learn more, log on to www.ebgadvisors.com or click here to register for any of these webinars. A Q&A period will follow the webinar, so don’t miss this unique opportunity for leading population health experts to answer your questions. To listen to the previous webinars from our Thought Leaders in Population Health Speaker Series, please click here.

 

 

HRSA Issues Interpretive Rule on 340b Orphan Drug in Response to Court Vacating Final Rule

LinkedIn Tweet Like Email Comment

By Constance Wilkinson, Alan Arville, and Jonathan Hoerner

On July 23, 2014, the Health Resources and Services Administration (“HRSA”) issued an “interpretive rule” entitled “Implementation of the Exclusion of Orphan Drugs for Certain Covered Entities under the 340B Program” (the “Interpretive Rule”).[1] The Interpretive Rule follows the ruling by the U.S. District Court for the District of Columbia on May 23, 2014, that vacated the final rule previously released by HRSA on the treatment of orphan drugs under the 340B program (the “Final Rule”).[2]

By way of background, the 340B program, created in 1992 and administered by HRSA, requires drug manufacturers to give discounts to entities covered under the law—known as “Covered Entities”—in order to have their drugs covered by Medicaid. The Affordable Care Act, along with the Medicare and Medicaid Extenders Act of 2010, expanded the definition of Covered Entities to include critical access hospitals, free-standing cancer hospitals, rural referral centers, and sole community hospitals. For these categories of Covered Entities only, drugs designated by the Food and Drug Administration as drugs “for a rare disease or condition” (“Orphan Drugs”) are excluded from covered outpatient drugs subject to mandatory 340B pricing requirements (the “340B Orphan Drug Exclusion”).[3] Other Covered Entities, such as disproportionate share hospitals, are not subject to the Orphan Drug Exclusion.

Interpretive Rule on Orphan Drugs in the 340B Drug Pricing Program

Consistent with the now vacated Final Rule, the Interpretive Rule states that the 340B Orphan Drug Exclusion only excludes Orphan Drugs when those drugs are “transferred, prescribed, sold, or otherwise used for the rare condition or disease,” for which the drug was designated orphan status. For example, even though Prozac (fluoxetine) is an Orphan Drug for the treatment of autism, under HRSA’s interpretation of the 340B Orphan Drug Exclusion, a Covered Entity subject to the 340B Orphan Drug Exclusion may purchase Prozac for its eligible patients at the 340B discount price when it is prescribed for depression, a non-orphan condition.[4] To support its position, HRSA states that its interpretation is consistent with the FDA’s interpretation of the orphan drug provisions in the Federal Food, Drug, and Cosmetic Act, including the FDA’s application of incentives for the development of orphan drugs (e.g., market exclusivity, tax credit, user fee exemption) to only the use of the drug intended to treat the rare disease or condition and not non-orphan drug indications.

The Interpretive Rule also discusses Section 340B’s requirement that prohibits certain hospitals, including free-standing cancer hospitals subject to the 340B Orphan Drug Exclusion, from purchasing covered outpatient drugs through a group purchasing organization (“GPO”). As with the Final Rule, the Interpretive Rule states that this prohibition does not apply to Orphan Drugs when they are used for the orphan designated rare condition or disease. Therefore, free-standing cancer hospitals can use a GPO to purchase an Orphan Drug for such rare condition or disease but cannot use a GPO when the drug is being used for other non-orphan purposes.

In order to facilitate the identification of drugs with an orphan designation for 340B Program purposes, the Interpretive Rule states that on the first day of the month prior to the end of the calendar quarter, HRSA will publish a listing of orphan drug designations, providing the name of the drug and the designated indication. HRSA also repeats its position in the Final Rule that a Covered Entity cannot purchase Orphan Drugs through the 340B program if the Covered Entity does not have the ability to track the indication for drug use. Notably, the Interpretive Rule does not include the requirement of the Final Rule that Covered Entities must notify HRSA if they cannot or do not wish to maintain auditable records sufficient to demonstrate compliance with the 340B Orphan Drug Exclusion.[5]

Previous Court Decision

After HRSA issued the Final Rule in July 2013, the Pharmaceutical Research and Manufacturers of America (“PhRMA”) brought suit against HRSA claiming that the rule was invalid because it contravened the plain language of the statute.[6] First, the court determined that the Final Rule was a legislative rule, a rule which carries the force of law. Next, the court concluded that HRSA lacked the statutory authority to promulgate the Final Rule as a legislative rule.

In addition to arguing that it had the requisite authority to issue a legislative rule, HRSA also took the alternative position that the Final Rule was not a legislative rule and should be viewed and upheld as an interpretive rule. As opposed to a legislative rule, an interpretive rule provides clarifications or explanations of a statute and does not create a new law, modify an existing law, or create an enforceable right. Even though an interpretive rule does not carry the force of law like a legislative rule, courts will generally give deference to an agency’s interpretive rule.

Calling HRSA’s argument “half-hearted,” the court noted that the Final Rule underwent notice and comment rulemaking and had a “legal effect” on the parties, two components of the D.C. Circuit’s test for a legislative rule. However, the court concluded that it lacked sufficient information to decide if the Final Rule could be considered a valid interpretive rule. HRSA declined the opportunity to make additional arguments on this issue and instead chose to separately promulgate the rule as the Interpretive Rule.

Future Implications

Immediately after HRSA released the Interpretive Rule, PhRMA filed a court document arguing that HRSA’s Interpretive Rule was an attempt to “evade the Court’s holding” that HRSA did not have authority to issue this rule.[7] Thus, it is likely that litigation will continue over the scope of HRSA’s ability to engage in rulemaking, which will likely impact HRSA’s issuance of the proposed 340B “mega-rule.” The “mega-rule” would address multiple key components of the 340B program including the definition of an eligible patient, compliance requirements for contract pharmacy arrangements, and hospital eligibility including criteria for off-site facilities. HRSA had planned to release the “mega-rule” as early as June 2014, but given the questions surrounding HRSA’s authority to engage in rule-making, the “mega-rule” will likely continue to be delayed.

In the absence of a grant of general rulemaking authority in the 340B statute, HRSA’s custom has been to administer the 340B program through a series of Notices issued through the Federal Register, as well as other sub-regulatory guidance. Whether HRSA reverts to this practice as a result of, or in the absence of, a judicial determination regarding its rulemaking authority remains to be seen.


ENDNOTES

[1] HHS HRSA, Interpretive Rule: Implementation of the Exclusion of Orphan Drugs for Certain Covered Entities Under the 340B Program, (July 21, 2014), http://www.hrsa.gov/opa/programrequirements/interpretiverule/.

[2] 340 Drug Pricing Program, 42 C.F.R. pt. 10 (2014).

[3] Public Health Service Act § 340B(e), 42 U.S.C. 256b(a) (2012).

[4] Pharm. Research & Mfrs. of Am. v. United States HHS, No. 13-1501, 2014 U.S. Dist. LEXIS 70894, at *2 (D.D.C. May 23, 2014).

[5] 340 Drug Pricing Program, 42 C.F.R. § 10.21(c)(3).

[6] Pharm. Research & Mfrs. of Am. v. United States HHS, No. 13-1501, 2014 U.S. Dist. LEXIS 70894 (D.D.C. May 23, 2014).

[7] Supplemental Memorandum in Support of PhRMA’s Motion for Miscellaneous Relief, ECF No. 52.

How Big Is Halbig? The Viability of the ACA’s Employer Mandate Hangs in the Balance

LinkedIn Tweet Like Email Comment

By: Adam C. SolanderKara M. Maciel, Mark M. Trapp, and Stuart M. Gerson

Yesterday, the U.S. Court of Appeals for the District of Columbia and the U.S. Court of Appeals for the Fourth Circuit sent shockwaves through the country when they issued conflicting opinions on a key aspect of the ACA.  The cases are Halbig v. Burwell, D.C. Cir., No. 14-508 and King v. Burwell, 4th Cir., No. 14-1158.  The question at issue in both cases was whether the IRS has the authority to administer subsidies in federally facilitated exchanges when the statute itself specifically authorizes subsides only in state exchanges.

According to the statutory text of the ACA, the penalties under the employer mandate are triggered only if an employee receives a subsidy to purchase coverage “through an Exchange established by the State under section 1311” of the ACA.  If a state elected not to establish an exchange or was unable to establish an operational exchange by January 1, 2014, the Secretary of HHS was required to establish a federal exchange under section 1321 of the ACA.

In 2012, the IRS promulgated regulations making subsidies available in both federally facilitated exchanges and state-run exchanges.  In those regulations, the IRS asserted that “the statutory language … and other provisions” of the ACA “support the interpretation” that credits are available to taxpayers who obtain coverage through both state and federally facilitated exchanges.

The individuals who brought the suits live in states that did not establish their own exchanges. They argue that the text of the ACA is clear and unambiguous: the IRS does not have the authority to administer subsidies in their states because the exchanges were not “established by the State.”

The D.C. Circuit, in a 2-1 decision, in Halbig v. Burwell agreed with the appellants and vacated the IRS regulation.  The court focused heavily on the plain meaning of the statutory text and concluded “that the ACA unambiguously restricts the … subsidy to insurance purchased on Exchanges established by the state.”  In an opinion issued only hours later, the 4th Circuit, in a 3-0 decision, in King v. Burwell agreed with the IRS that the statutory language was not plain, but ambiguous. Accordingly, the court upheld the subsidies “as a permissive exercise of the agency’s discretion.”

Given the circuit court split, many commenters believe that Supreme Court review is necessary to resolve this issue.  However, while it is certainly possible, perhaps even likely, that the Supreme Court will review this issue, it may not be a foregone conclusion.  The Obama administration has already indicated it will seek en banc review of the Halbig decision by the entire D.C. Circuit.  If the full D.C. Circuit reverses the Halbig panel decision, the existing “circuit split” would be resolved, potentially making Supreme Court review less likely.  It should be noted that there are similar cases pending in district courts in the 10th and 7th Circuits, that if decided in favor of the challengers could create a circuit split even if the full D.C. Circuit reverses Halbig.

On the other hand, given the tremendous importance of this issue to the operation of the ACA, and the fact that under the plain meaning of the statute, the IRS regulation allows billions of dollars in tax credits without the authorization of Congress, the Supreme Court may accept review to fully settle this important question of federal law, regardless of whether there are conflicting decisions from the circuit courts. The Supreme Court has long operated under the “rule of four,” a convention under which a grant of certiorari requires the approval of only four justices. Given the fact that the availability of the subsidies is an issue of national importance, and that two years ago four justices voted to strike down the ACA altogether, Supreme Court review of this issue appears likely. Ultimately, however, whether the Supreme Court will accept the case is a matter of speculation.

For employers, the most significant issue may be the potential impact the Halbig ruling could have on the Employer Mandate.  As noted above, the employer mandate penalties are only triggered by an employee going to the exchanges and purchasing subsidized health care.  Accordingly, if none of its employees receives a subsidy, then no penalties would be triggered against an employer.  Thus, for employers with employees in the 36 states with a federally facilitated exchange, the question arises how the Halbig decision impacts their decision and strategy to provide health coverage to their employees when the Employer Mandate takes effect in 2015 (or 2016 for employers with 50-99 employees).

Additionally, considering that the Employer Mandate and its penalty provisions have been extended twice before, this legal development could provide employers and trade associations with an opportunity to ask the Obama Administration to delay the Employer Mandate again until the Supreme Court has a chance to review the case, or even to scrap it altogether.

While more questions may be raised by the two conflicting court decisions, what is clear at this point is that yesterday’s decisions are certainly not the final word on this issue.

 

OIG’s Permissive Exclusion Criteria: Comment Before Sept. 9, 2014

LinkedIn Tweet Like Email Comment

The Office of the Inspector General (“OIG”) of the U.S. Department of Health and Human Services (“HHS”) is soliciting comments, recommendations, and other suggestions on the non-binding criteria used by OIG in assessing whether to impose a permissive exclusion, which were first published in 1997 (https://oig.hhs.gov/authorities/docs/2014/2014-16222.pdf).  The OIG’s permissive exclusion criteria currently are organized into four general categories, including: (1) the circumstances and seriousness of the underlying misconduct; (2) the defendant’s response to the allegations or determination of wrongdoing; (3) the likelihood of a future violation; and (4) the defendant’s financial ability to provide quality health care services.  Over the last two decades, OIG has used these criteria to evaluate whether to impose a permissive exclusion or release this authority in exchange for the execution of an Integrity Agreement with OIG.

In support of its decision to consider revising the criteria, OIG indicated that “updated guidance could better reflect the state of the health care industry today.”  OIG also noted that issues currently under consideration include, but are not limited to: (1) whether there should be differences in the criteria for individuals and entities, and (2) whether and how to consider a defendant’s existing compliance program.

We encourage all interested parties to weigh on in the existing criteria, which can be found here (https://oig.hhs.gov/exclusions/files/criteria_b7.pdf.).  Comments are due by September 9, 2014.

Please reach out to George Breen, Jonah Retzinger, or Marshall E. Jackson, Jr. for assistance with the preparation and submission of comments.

 

Medicare’s Proposed Home Health Rule for 2015: Face-to-Face Encounter Documentation Requirements

LinkedIn Tweet Like Email Comment

Our colleagues at Epstein Becker Green released a client alert: “Medicare’s Proposed Home Health Rule for 2015: CMS Suggests Only Limited Relief to the Face-to-Face Encounter Documentation Requirements but Continued Compliance Burdens on Home Health Agencies,” by Emily E. Bajcsi and Serra J. Schlanger.

Following is an excerpt:

On July 7, 2014, the Centers for Medicare & Medicaid Services (“CMS”) published proposed changes to the Medicare Home Health Prospective Payment System (“HH PPS”) for calendar year 2015 (“Proposed Rule”). The Proposed Rule would update the HH PPS payment rates effective January 1, 2015, including continued implementation of the rebasing adjustments as required by the Affordable Care Act (“ACA”). CMS projects that these proposed payment rate changes would result in overall payment reductions to home health agencies (“HHAs”) of $58 million, or 0.30 percent. CMS proposes a number of additional changes, including recalibration of the home health case-mix weights and changes to the home health quality reporting program requirements that would establish a minimum submission threshold for the percentage of OASIS assessments that an HHA must submit each reporting period. CMS is also asking for comments on a home health value-based purchasing model that it is considering testing in certain states beginning in 2016.

The Proposed Rule would also make significant changes to the physician face-to-face encounter requirements for HHA reimbursement. CMS claims that the changes would “simplify” the face-to-face encounter documentation requirements through elimination of the physician narrative requirement; however, CMS will expect the information formerly contained in the physician narrative to be documented in the medical record of the certifying physician or the discharging facility. To incentivize physicians to supply sufficient documentation, CMS proposes to deny the physician’s claim for certification or re-certification if the HHA claim is denied due to insufficient documentation to support beneficiary ineligibility. Yet, the Proposed Rule fails to provide any clarity as to what will constitute “sufficient” documentation. As a result, even with these proposed changes, HHAs will continue to bear both the risk of financial loss from denied claims and the burden of assuring that the certifying physician “sufficiently” documents the beneficiary’s eligibility to receive services under the Medicare home health benefit. Public comments to the Proposed Rule are due by September 2, 2014.

Read the full alert here.

 

The ACA Still Has Its Day in Court, Now Over Subsidies, in Law360

LinkedIn Tweet Like Email Comment

Our colleagues Kara Maciel, a Member of the Firm in the Labor and Employment, Litigation, and Health Care and Life Sciences practices, in the Washington, DC, office, Mark Trapp, a Member of the Firm in the Labor and Employment and Litigation practices, in the Chicago office, and Adam Solander, an Associate in the Health Care and Life Sciences practice, in the Washington, DC, office, wrote an article titled “The ACA Still Has Its Day in Court, Now Over Subsidies.” (Read the full version – subscription required.)

Following is an excerpt:

Challenges to the government’s health care reform implementation continue to make their way through federal courts, with rulings expected shortly. Employers are especially advised to monitor challenges to the federal regulations that authorized the federally facilitated exchanges (“FFEs”) to distribute tax credits and copayment subsidies (collectively, subsidies) to eligible persons.

By way of background, it was nearly two years ago when the U.S. Supreme Court ruled that the individual mandate at the heart of the Affordable Care Act could be construed as a tax, despite violating the Commerce Clause of the Constitution.

Read the full article here (subscription required).

DC Circuit Strongly Reaffirms the Applicability of the Attorney-Client Privilege to Internal Compliance Investigations

LinkedIn Tweet Like Email Comment

Our colleagues at Epstein Becker Green released a client alert: “DC Circuit Strongly Reaffirms the Applicability of the Attorney-Client Privilege to Internal Compliance Investigations,” by George B. Breen, Jonah D. Retzinger, Marshall E. Jackson Jr., and Stuart M. Gerson.

Following is an excerpt:

Especially in the District of Columbia Circuit, the home base for many fraud cases in which the government is opposed to health care providers and defense contractors, there had been considerable doubt that the attorney-client privilege attached to internal compliance investigations, particularly those investigations conducted on governmental mandate by company internal counsel. In a recent victory for companies and effective compliance, the United States Court of Appeals for the DC Circuit squarely removed that doubt in support of the application of privilege.

Reversing the controversial District Court decision in United States ex rel. Barko v. Halliburton Co., 2014 U.S. Dist. LEXIS 36490, 2-3 (D.D.C. Mar. 6, 2014), on June 27, 2014, the DC Circuit handed down its opinion in In re Kellogg Brown & Root, 2014 U.S. App. LEXIS 12115 (D.C. Cir. 2014). The DC Circuit’s holding reinforces the protections established by the Supreme Court 30 years ago in Upjohn Co. v. United States, 449 U.S. 383 (1981), that afford privilege to confidential employee communications made during a corporation’s internal investigation led by company lawyers.

Read the full alert here.