Most companies want to avoid FDA warning letters.  To help medical device companies identify violations that might lead to a warning letter, this post will dive deeply into which specific types of violations are often found in warning letters that FDA issues.

Background

As you probably know, FDA has a formal process for evaluating inspection records and other materials to determine whether issuing a warning letter is appropriate.  Those procedures can be found in chapter 4 of FDA’s Regulatory Procedures Manual.  Section 4-1-10 of that chapter requires that warning letters include specific legal citations, in addition to plain English explanations of violations.  The citations are supposed to make reference to both the statute and any applicable regulations.

As a consequence, to understand the content of the warning letters, we need to search for both statutory references as well as references to regulations.  Because statutes are deliberately drafted to be broader in their language, references to the regulations tend to be more meaningful. Continue Reading Unpacking Averages: Violations Found in Medical Device Warning Letters

In this episode of the Diagnosing Health Care Podcast:  What challenges are providers likely to face as the Occupational Safety and Health Administration (OSHA) prepares its permanent COVID-19 standard for health care workers?

Attorneys Denise DadikaBob O’Hara, and Tim Murphy review the provisions of OSHA’s temporary COVID-19 standard for health care workers and what’s expected to change under the permanent rules. They also discuss how the agency’s current enforcement push is impacting health care providers.

Continue Reading <em>Podcast:</em> OSHA’s Permanent COVID-19 Standard and Enforcement Blitz – <em>Diagnosing Health Care</em>

Since the passage of the Medical Device Amendments of 1976, FDA has regulated in vitro diagnostic (IVD) tests as medical devices, subject to a full suite of FDA requirements.  During that time, FDA has also asserted that it has the authority to regulate in-house tests developed and performed by CLIA-certified, high-complexity clinical laboratories (generally referred to as laboratory-developed tests or LDTs) but chose as a matter of enforcement discretion not to regulate LDTs.  Over time, the Agency chipped away slowly at LDT enforcement discretion, carving out certain kinds of tests (e.g., direct-to-consumer LDTs) and thus making them subject to regulation, but by and large did not take broad steps to regulate LDTs.

Continue Reading The VALID Act: Senate Action Brings FDA Regulation of LDTs Closer to Fruition

Much like the ambiguous landscape involving cannabidiol (CBD) products on the consumer market, an influx of delta-8 THC containing products for consumption has highlighted a recurrent regulatory issue surrounding the legality of hemp derived products at the federal level. The Agricultural Improvement Act of 2018 (the “2018 Farm Bill”), which, among other things, offered a federal definition of hemp and removed it from the list of Schedule I controlled substances, specifically carved out hemp derived products with less than 0.3% delta-9-tetrahydocannabinol (THC) on a dry weight basis, thereby allowing products that meet this definition to flood the consumer markets.

Continue Reading Recent FDA Enforcement Action Colors Regulatory Landscape for Delta-8 THC Products

Establishing and maintaining effective systems to protect sensitive personal data and confidential business information from outside interference while also assuring that privacy interests are protected is among an organization’s highest priorities. Our security and privacy team at Epstein Becker & Green has written extensively about the guidance and best practices issued by federal and state regulatory and enforcement agencies. Execution, monitoring and continually updating these preventive practices define an organization’s first line of defense. But what happens in the event that an organization actually suffers a breach? Is there guidance that might be available, particularly to healthcare organizations, to deal with continuity and disaster planning (BC/DR) directed towards assuring resilience and recovery in the event of a potentially-disastrous cyberattack?

Continue Reading Hacking Healthcare: Cyberattack Contingency Planning and Response

The success of an artificial intelligence (AI) algorithm depends in large part upon trust, yet many AI technologies function as opaque ‘black boxes.’ Indeed, some are intentionally designed that way. This charts a mistaken course.

Continue Reading FTC Enforcement Highlights the Importance of Preserving Privacy in AI Development: How to Avoid AI Model Destruction

On April 20, 2022, the Department of Justice (DOJ) announced a nationwide coordinated enforcement action targeting COVID-19-related fraud involving charges against 21 individuals across nine federal districts, and over $149 million in alleged false claims submitted to federal programs.[1]

This marks the first significant DOJ enforcement action since Attorney General Merrick Garland named Associate Deputy Attorney General Kevin Chambers as the Director for COVID-19 Fraud Enforcement on March 10, an appointment President Biden previewed in his State of the Union address on March 1. Continue Reading DOJ Announces Enforcement Action Involving “Largest and Most Wide-Ranging” COVID-19 Fraud Detected to Date

Overview

In this month’s post, in the medical device realm I explore what kinds of inspection citations most often precede a warning letter.  In this exercise, I do not try to prove causation.  I am simply exploring correlation.  But with that caveat in mind, I think it’s still informative to see what types of inspectional citations, in a high percentage of cases, will precede a warning letter.  And, as I’ve said before, joining two different data sets – in this case inspectional data with warning letter data – might just reveal new insights. Continue Reading Unpacking Averages: Device Inspection Citations That Frequently Precede Warning Letters

On April 14, 2022, the Centers for Medicare & Medicaid Services (CMS) issued new guidance on the Independent Dispute Resolution (IDR) process, created under the No Surprises Act (NSA) to provide a mechanism for payers and providers to resolve disputes as to appropriate payment amounts for certain out-of-network claims. In addition, the Departments of Health and Human Services, Labor and the Treasury launched two online portals– one to host the IDR process for providers and payers and one to host the patient-provider dispute resolution process for self-pay and uninsured patients.

This new guidance replaces earlier instruction from the agency on how the IDR process would operate and what the independent arbitrator was required to consider. The prior guidance was withdrawn after a successful legal challenge to the interim final rule implementing the No Surprises Act provisions on the IDR process, specifically with respect to the weight to be given to the Qualifying Payment Amount (QPA). The QPA is essentially the payer’s median contracted rate for similar services. The QPA is used to calculate patient cost sharing and must be considered by the independent arbitrator in resolving a payment dispute between a payer and an out-of-network provider. Initially, regulators directed arbitrators to use the QPA as a baseline, and when choosing between the parties’ proposed payment offers to choose the amount closest to the QPA unless one of the parties submitted credible information demonstrating that the appropriate payment amount was materially different from QPA. Continue Reading No Surprises Act Update – New IDR Guidance