On July 20, 2020, the United States Food and Drug Administration (FDA) announced a six-month extension of its enforcement discretion policy for certain regenerative medicine products requiring pre-market review due to the COVID-19 pandemic. Included in a final guidance document entitled, “Regulatory Considerations for Human Cells, Tissues, and Cellular and Tissue-Based Products: Minimal Manipulation
On March 17, 2020, the Office for Civil Rights’ (“OCR”) announced that—for the duration of the COVID-19 emergency—it would exercise enforcement discretion and waive any potential penalties for HIPAA violations relating to health care providers’ use of “everyday communications technologies” in the provision of services via telehealth (the “HIPAA Waiver”). This move has resulted in a drastic increase in the number of telehealth encounters. The HIPAA Waiver has enabled many providers to immediately leverage these technologies to render services via telehealth for the first time, without the need to expend significant resources to quickly ramp up a HIPAA-compliant telehealth platform. A summary of the HIPAA Waiver can be found in a recent blog post. While the HIPAA Waiver applies only temporarily, it is likely that the increased reliance on telehealth evidenced over the past three months is here to stay.
The COVID-19 pandemic’s impact on the regulatory landscape of telehealth was the topic of a June 17, 2020 hearing before the Senate Health, Education, Labor & Pensions Committee. As Chairman Lamar Alexander acknowledged during his opening statement, the health care sector and government “have been forced to cram 10 years’ worth of telehealth experience into just the past three months.” Indeed, this “cramming” has resulted in thirty-one temporary changes to telehealth policy at the federal level. Of these temporary changes, Chairman Alexander included the OCR enforcement discretion / HIPAA waiver as one of the three changes he considers most important. However, of the three changes the Chairman views as most important, he declined to include the enforcement discretion in the temporary changes he believes should be made permanent, and instead called upon his colleagues to consider whether to extend the HIPAA waiver.
The FDA has issued the Temporary Policy on Prescription Drug Marketing Act Requirements for Distribution of Drug Samples During the COVID-19 Public Health Emergency. The Prescription Drug Marketing Act of 1987 (PDMA) describes manufacturers’ drug sample storage, handling, and recordkeeping obligations as well as the written request and receipt requirements for prescribers.
Many manufacturers utilize their field sales representatives to deliver drug samples directly to, and collect written receipts from, prescribers at prescriber offices during sales calls. The COVID-19 crisis has disrupted field sales representatives’ ability to have face to face visits with prescribers, preventing them from delivering samples and collecting required receipts. In addition, as a result of the crisis, many prescribers are providing telehealth services from their homes, impacting prescribers’ ability to receive, store and distribute samples at their offices.…
Continue Reading FDA PDMA Guidance in Response to COVID-19 Pandemic
The CARES Act, passed by Congress and signed into law on March 27, 2020, provides $100 billion for the Public Health and Social Services Emergency Fund (“Relief Fund”) to support eligible health care providers. Less than a month later, Congress passed the Payroll Protection Program and Health Care Act, providing an additional $75 billion to the Relief Fund, raising the total funds available to $175 billion. As of the end of April 2020, the Department of Health and Human Services (“HHS”) released to providers two tranches of Relief Funds totaling $50 billion. HHS disbursed the first $30 billion tranche (“Tranche 1”) between April 10 and April 17, 2020. Currently, HHS is disbursing the second $20 billion tranche (“Tranche 2”). Because these are grant funds – not loans – repayment is not required. What HHS requires is that the Recipients attest to and follow the Relief Fund’s Terms and Conditions. Before we turn to the Terms and Conditions, it is important to understand HHS’ Relief Fund disbursement process.
Relief Fund Disbursement Process
HHS disbursed the Tranche 1 Relief Funds as well as some of the Tranche 2 Relief Funds directly to providers participating in Medicare Part A and Part B. (“the Recipients”). Other Recipients must apply for the Relief Funds through the HHS’ on-line portal. No matter how the Recipient received the funds, either through direct payments or through the on-line application, all Recipients must attest to HHS’ published Terms and Conditions through the HHS on-line portal within 45 days after receiving the Relief Funds. Each tranche requires a separate attestation. If the Recipient retains the funds for at least 30 days without contacting HHS regarding the funds’ remittance, HHS deems the Recipient to have accepted the Terms and Conditions discussed below. There are two important considerations in determining whether to accept these funds:
- The Terms and Conditions for Tranche 2 Relief Funds differ in several respects from the Terms and Conditions for the Tranche 1 Relief Funds; and
- The Terms and Conditions listed provisions are not exhaustive and Recipients must also comply “with any other relevant applicable statutes and regulations”.
On April 21, 2020, the Drug Enforcement Administration (DEA) published a Request for Information (“RFI”) that reopened the comment period for an interim final rule that was published March 31, 2010 (75 FR 16236) (the “2010 IFR” or the “IFR”). The IFR is being revisited in response to the Substance Use-Disorder Prevention that Promotes Opioid Recovery and Treatment for Patients and Communities Act (SUPPORT Act) mandate for the DEA to update the requirements for the biometric component of multifactor authentication with respect to electronic prescriptions of controlled substances. Prior to the 2010 IFR, the only way that controlled substances could be prescribed was in writing, on paper with a wet signature. The IFR was the first time that an electronic alternative was made available for prescribing controlled substances and the DEA leveraged the technologies that were available at the time to ensure that electronic prescribing applications could not be misused to divert controlled substances.
To that end, the DEA fashioned their regulations to include measures that ensure that the prescriber verifies that they are who they said they are and that they are authorized and have the appropriate credentials to prescribe the medications that are being ordered. In other words, in order for a prescriber to be granted access to the technologies that would create, sign and transmit prescriptions for controlled substances electronically, they have to be appropriately authenticated and credentialed. In addition to requiring identity proofing and logical access controls that relied on multi-factor authentication, credentialing had to be conducted by federally approved credential service providers (CSPs) or by certification authorities (CAs). The IFR also included requirements for audit trails, security event reporting and provisions that governed the signing and transmission of electronic prescriptions to ensure that there was a process to address and resolve transmission failures.
While the IFR contemplated using biometrics to identify and authenticate prescribers, those technologies were still developing and evolving in 2010. Recently, under the SUPPORT Act, Congress required the DEA to update its regulations to identify the biometric component of the multi-factor authentication used to identity proof prescribers. The DEA is looking to the health care provider community who are currently using e-prescribing applications to share their experiences, offer suggestions and recommend new approaches that will encourage broad adoption for e-prescribing for controlled substances while still meeting the DEA’s objectives of ensuring the security and accountability necessary to identify fraud and prevent diversion.
Recently, the Defense Health Agency (DHA) announced a rewrite of the TRICARE Autism Care Demonstration (ACD) program that encompasses “significant changes to the ACD.” It will move the ACD from the current Applied Behavior Analysis (ABA)-centric model to one focused on the beneficiary and family. Without specific details, the DHA states these comprehensive changes will provide an opportunity to improve support to beneficiaries and their families by:
- Providing more information about Autism Spectrum Disorder (ASD) and potential services;
- Linking beneficiaries to the right care at the right time; and
- Increasing services to eligible family members – especially parents.
Two announcements made by FDA in late October signal a marked change to FDA’s regulatory approach to “homeopathic” drugs. On October 25, 2019, FDA withdrew the 1988 Compliance Policy Guide (“CPG”) 400.400 Conditions Under Which Homeopathic Drugs May Be Marketed, and, concurrently, published revised draft guidance titled Drug Products Labeled as Homeopathic (the “Revised…
Today, a final rule issued by the Centers for Medicare & Medicaid Services (CMS) establishing new enforcement initiatives aimed at removing and excluding previously sanctioned entities from Medicare, Medicaid, and the Children’s Health Insurance Program (CHIP) goes into effect. Published September 10 with a comment period that also closed today, the new rule expands CMS’s “program integrity enhancement” capabilities by introducing new revocation and denial authorities and increasing reapplication and enrollment bars as part of the Trump Administration’s efforts to reduce spending. While CMS suggests that only “bad actors” will face additional burdens from the regulation, the new policies will have significant impacts on all providers and suppliers participating in Medicare, Medicaid, and CHIP.
AN OVERVIEW OF THE NEW RULE
The New “Affiliations” Revocation Authority
The new “affiliations” enforcement framework—the regulation’s most significant expansion of CMS’s revocation authority—permits CMS to revoke or deny a provider’s or supplier’s enrollment in Medicare if CMS determines an “affiliation” with a problematic entity presents undue risk of fraud, waste, or abuse. Generally to bill Medicare, providers and suppliers not only must submit an enrollment application to CMS for initial enrollment, but also must recertify enrollment, reactivate enrollment, change ownership, and to change certain information. In the rule’s current form, providers or suppliers submitting an enrollment application or recertification to CMS (“applicants”) will be required to submit affiliation disclosures upon CMS’s request if the agency determines the entity likely has an affiliation with a problematic entity as described below. CMS will base its request on a review of various data, including Medicare Provider Enrollment, Chain, and Ownership System data and other CMS and external databases that might indicate problematic behavior, such as patterns of improper billing. Upon CMS’s request, applicants identified as having at least one affiliation with a problematic entity would be required to report any current or previous direct or indirect “affiliations” to CMS.
On October 22, 2019, the Centers for Medicare and Medicaid Services (“CMS”) issued a Request for Information (“RFI”) to obtain input on how CMS can utilize Artificial Intelligence (“AI”) and other new technologies to improve its operations. CMS’ objectives to leverage AI chiefly include identifying and preventing fraud, waste, and abuse. The RFI specifically states…
The Centers for Medicare & Medicaid Services (CMS) and the Department of Health and Human Services Office of Inspector General (OIG) issued their long-awaited proposed rules in connection with the Regulatory Sprint to Coordinated Care today. Transforming our healthcare system to one that pays for value is one of the Department’s top four priorities, and…