New from the Diagnosing Health Care Podcast: The recent 2024 elections resulted in a new Trump administration and a Republican-controlled House and Senate.
From policymakers to stakeholders across the industry, everyone is wondering what health policy will look like in 2025 and beyond.
On this episode, Epstein Becker Green attorneys Ted Kennedy Jr., Leslie Norwalk, Philo Hall, and Alexis Boaz discuss the results of the 2024 elections and their impact on the health policy space. What will a second Trump administration look like? How might the election results affect the health care policies addressed during Congress’s 2024 lame-duck session?
As the dietary supplement industry continues to draw attention from Congress, state attorneys general, and class action lawyers, now comes another state law prohibiting the sale of over-the-counter (“OTC”) dietary supplements that target weight loss and muscle building to minors – this time, in New Jersey.
On October 28, 2024, by a majority vote of 56 to 17, with four abstentions, the New Jersey General Assembly passed Assembly Bill No. 1848, which, if it goes into effect, will prohibit the sale or delivery of OTC diet pills, weight loss, and muscle building supplements to minors, unless the minor is accompanied by a parent or guardian. Bill No 1848 is an exemplar of efforts intended to combat the misuse and abuse of these products and the potential causal relationship between these dietary supplements and eating disorders. Violators, including employees of retail establishments, may face a civil penalty of not more than $750.
On Friday, November 15, 2024, the Drug Enforcement Administration (“DEA”) and Department of Health and Human Services (“HHS”) filed a Third Temporary Extension of the COVID-19 Telemedicine Flexibilities for Prescription of Controlled Medications (“Third Temporary Extension”), extending the full set of telemedicine flexibilities adopted during the COVID-19 public health emergency (“PHE”) through December 31, 2025. The Third Temporary Extension is scheduled for publication in the Federal Register on November 19, 2024.
This means the DEA will continue to allow DEA registered practitioners (“Practitioners”) to prescribe controlled substances via telemedicine without having previously conducted an in-person patient examination. Likewise, and of particular interest to telemedicine providers that practice in multiple states, Practitioners may continue prescribing via telemedicine to patients physically located in any state in which the Practitioners are licensed to practice medicine, without needing to have a separate DEA registration in each such state, subject to compliance with state prescribing requirements.
The Centers for Medicare and Medicaid Services (CMS) is issuing, what will amount to be, very significant Risk Adjustment Data Validation (RADV) Audit notices for PY2018 to Medicare Advantage Organizations (MAOs).
These notices follow the issuance of CMS’s final rule (88 Fed. Reg. 6643 (Feb. 1, 2023), amending 42 C.F.R. 422.310(e). Pursuant to the rule, CMS has the authority to extrapolate audit findings for PY2018 and beyond. CMS has noted that the extrapolation methodology it adopts for RADV audits will be focused on MAO contracts that, through statistical modeling ...
As the dust from the public health emergency (PHE) continues to settle and the PHE-era flexibilities expire, telehealth providers are bracing themselves for the changes soon to come.
These providers will inevitably face certain legal and regulatory complexities as federal and state lawmakers and regulators consider adopting further temporary or permanent policy changes impacting telehealth. Federal-level changes—particularly the Drug Enforcement Administration’s (DEA’s) remote prescribing rulemaking—may further compound these complexities and trigger a wave of changes in laws, regulations, and policies at the state and board levels.
Telehealth providers should continue to monitor these developments, capitalize on current and upcoming telehealth opportunities, and make investments in compliance infrastructures to operate in accordance with applicable federal and state laws, regulations, and policies.
Since 2016, Epstein Becker Green has researched, compiled, and analyzed state-specific content relating to the regulatory requirements for professional mental/behavioral health practitioners and stakeholders seeking to provide telehealth-focused services.
We are pleased to once again release our latest update to our Telemental Health Laws app, an extensive compilation of laws, policies, and other state guidance for practitioners supporting the mental/behavioral health practice disciplines.
In response to several high-profile cybersecurity incidents affecting hospitals and other health care providers, including the Change Healthcare breach, new federal legislation was recently introduced by Senators Ron Wyden (D-OR) and Mark Warner (R-VA). The health care industry has received intense criticism for perceived weaknesses in cybersecurity protections. As stated in a summary of HISAA prepared by the Senate Finance Committee:
According to the FBI, the health care sector is now the #1 target of ransomware. These hacks are entirely preventable and are the direct result of lax cybersecurity practices by health care providers and their business partners. Cybersecurity failures have delayed and disrupted patient care, and have harmed patient health and privacy, as well as national security. Despite these high stakes, health care has some of the weakest cybersecurity rules of any federally regulated industry.
The new legislation, the Health Infrastructure Security and Accountability Act (HISAA), would create significant new security requirements applicable to HIPAA Covered Entities and Business Associates designed to address cybersecurity risks, require ongoing risk assessments and audits related cybersecurity practices, establish new penalties for noncompliance with these requirements and remove HIPAA statutory caps on such penalties, and create funding incentives and Medicare payment reduction disincentives for entities subject to these requirements.
As much of the Southeastern U.S. continues to recover from the aftermath of Hurricanes Helene and Milton, health care providers should be aware of, and consider the extent upon which they rely upon, the flexibilities that the Centers for Medicare & Medicaid Services (CMS) extended to assist with the Public Health Emergencies (PHEs) in the affected states. As a result of Hurricanes Helene and Milton, CMS extended additional resources to Medicare providers and certain health care facilities in Florida, Georgia, North Carolina, South Carolina, and Tennessee.
As background, during a PHE, the Secretary of the U.S. Department of Health and Human Services (HHS) may temporarily waive certain HIPAA Privacy Rule requirements for hospitals.
During the recent PHE, HHS issued HIPAA-related waivers lasting up to seventy-two (72) hours to hospitals located in the declared emergency that had activated their disaster protocol, including waivers for: the distribution of HIPAA privacy notices; patient rights to request privacy restrictions and confidential communications; communications with family or friends involved in care; and, opting out of facility directories. Health Information Privacy PHE responses can be found here.
For decades, FDA’s Center for Devices and Radiological Health (CDRH) has been recognizing standards that can be referenced in premarket medical device submissions. Congress broadly directed federal agencies to begin relying on standards in 1996, through the National Technology Transfer and Advancement Act, but the informal practice dates back to the 1970s. Congress specifically directed FDA to begin using standards for medical device submissions through the Food and Drug Administration Modernization Act of 1997 (FDAMA).
Being a curious person, I wanted to see what FDA has done with that authority by looking at the CDRH database for Recognized Consensus Standards: Medical Devices. My main takeaway is that CDRH is not yet investing enough time and energy in recognizing standards that support digital health and AI.
Findings
I downloaded the data set on September 20, 2024, and looked when standards were recognized by FDA and to which therapeutic or functional areas they related.
New from the Diagnosing Health Care Podcast: One year ago, on October 30, 2023, President Joe Biden signed an executive order laying the groundwork both for how federal agencies should responsibly incorporate artificial intelligence (AI) within their workflows and how each agency should regulate the use of AI in the industries it oversees.
What has happened in the past year, and how might things change in the next?
On this episode, Epstein Becker Green attorneys Lynn Shapiro Snyder, Eleanor Chung, and Rachel Snyder Good reflect on what is new in health care AI as a result of the 2023 executive order and discuss what industry stakeholders should be doing to comply and prepare for future federal regulation of AI in health care.
The U.S. Supreme Court recently denied two certiorari petitions relating to the willfulness standard of the federal Anti-Kickback Statute, 42 U.S.C. § 1320a-7b (AKS), an issue with profound implications for health care companies and providers defending against AKS allegations.
On October 7, 2024, the Supreme Court denied the petition for certiorari in U.S. ex rel. Hart v. McKesson Corporation, and on October 15, 2024, denied the cert petition in Sayeed v. Stop Illinois Health Care Fraud, LLC.[1]
“Knowingly and Willfully”
The AKS prohibits persons from, among other things, “knowingly and willfully” soliciting or receiving “any remuneration (including any kickback, bribe, or rebate) directly or indirectly, overtly or covertly, in cash or in kind—
A. in return for referring an individual to a person for the furnishing or arranging for the furnishing of any item or service for which payment may be made in whole or in part under a federal health care program, or
B. in return for purchasing, leasing, ordering, or arranging for or recommending purchasing, leasing, or ordering any good, facility, service, or item for which payment may be made in whole or in part under a Federal health care program[.]”
Blog Editors
Recent Updates
- Podcast: Health Policy Update: Impact of the 2024 U.S. Elections – Diagnosing Health Care
- New Jersey General Assembly Passes Legislation Prohibiting Sale of Diet Pills, Weight Loss/Muscle Building Supplements to Minors
- DEA Issues Third Extension to Public Health Emergency Telemedicine Prescribing Flexibilities, Through 2025
- CMS Issuing First Risk Adjustment Data Validation Audit Notices for PY2018 Since the RADV Final Rule
- Just Released: Telemental Health Laws – Download Our Complimentary Survey and App