A few days ago, the U.S. Department of Health and Human Services (“HHS”), through its Office for Civil Rights, issued the proposed rule HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information (the “Rule”) “to improve cybersecurity and better protect the U.S. health care system from a growing number of cyberattacks.”
Continue reading…Proposed Changes to the HIPAA Security Rule Will Have a Significant Impact on the Health Care Sector
In October 2024, Blue Cross Blue Shield (“BCBS”) agreed to a $2.8 billion settlement to resolve allegations of anti-competitive practices in the health insurance market – it is reported to be the largest settlement in a health care antitrust case to date. This landmark case has drawn significant attention from policymakers, health care advocates, and consumers alike, highlighting the complexities of the health care system and its relationship with fair competition.
Continue reading…California is looking to take the lead on regulating private equity deals in the health care space by introducing bill AB 3129, which requires private equity groups or hedge funds to receive the state attorney general’s approval before purchasing a health care entity. At present, California’s proposal is the most extensive state legislation that seeks to regulate health care industry transactions in the U.S. and may encourage other states to establish similar legislation.
The bill’s stated goal is to protect the public interest, preserving competitive and accessible health care for communities and the state as a whole. To achieve this goal, state attorneys general are required to consider the potential positive and negative outcomes for the public resulting from a private equity firm’s proposed purchase. Price increases, quality decreases, or the resulting decrease in accessibility or availability of health care services are potential negative effects to be considered by the state attorneys general when deciding whether to consent to a transaction. On the other hand, potential benefits from the transaction to be considered may include price decreases directly passed to patients, improvements in access or availability of services to the community, or access to capital that the local community would not receive otherwise. [cite].
Continue reading…Under the No Surprises Act, “open negotiation” is the period of time during which payers must disclose to providers important information regarding the claim at issue. On June 14, 2024, CMS announced a 120-calendar-day exception period, the open negotiation period under the No Surprises Act, for providers, facilities, and providers of air ambulance services whose ability to initiate the open negotiation process was impacted by a recent cybersecurity attack.
Continue reading…Last week, the United States Department of Justice’s Antitrust Division announced the formation of the Task Force on Health Care Monopolies and Collusion (“HCMC”). The task force appears to have been inspired by concern for health care platforms that combine doctors with insurers, data, and other assets. For example, one platform company that combines a number of different health care industry sectors under its roof may be scrutinized by the HCMC. Leading the task force will be Katrina Rouse, an antitrust prosecutor who joined the DOJ’s antitrust division in 2011 and who served as a health care and consumer products section trial attorney.
Continue reading…On April 23, 2024, the Federal Trade Commission (“FTC”) issued its final rule regarding noncompete clauses, and which determined that such clauses are an unfair method of competition and therefore violate section 5 of the Federal Trade Commission Act (“FTC Act”). See 16 CFR Part 910. Since its release, the rule has generated some uncertainty in the health care industry because the ban’s ultimate applicability to nonprofits is unclear. Nonprofit hospitals make up the majority of all hospital systems in the United States, with the American Hospital Association (“AHA”) having indicated that as many as 58% of hospital systems claim tax-exempt status as nonprofits. Notably, nonprofit health care organizations regularly use noncompetes with physicians.
Continue reading…Last week CMS issued its final rule “CMS Interoperability and Prior Authorization” (CMS-0057-F), unchanged from its proposed rule in 2022, which addresses prior authorizations. Prior authorization, a “utilization management” technique, requires a health insurer to consent to a doctor’s proposed course of treatment for a patient before the insurer agrees to pay for any medical services the physician wishes to provide. See July 2023 Health Law Informer Article.
On January 17, 2024, CMS issued the rule which requires certain health plans to decide prior authorization requests within 72 hours for expedited requests and seven days for non-urgent appeals. The rule applies to Medicare, Medicare Advantage (MA), Medicaid, and Children’s Health Insurance Plans (CHIP), as well as qualified health plans on the Federally-Facilitated Exchanges (collectively, “Covered Entities”). [cite] In addition to the decision timeframe requirements, the rule also requires payers to provide a specific reason for denied prior authorization requests, and allows such decisions to be communicated via portal, fax, email, mail or phone. [cite] The rule does not apply to prior authorization decisions for drugs. [cite]
Continue reading…Last month, a cyberattack forced two New York hospitals to divert and even discharge some patients to other facilities, while the affected hospitals shut down their IT systems to address the issue and restore their secure network. [cite] In the wake of this event, New York Governor Kathy Hochul has proposed a cybersecurity regulation that would create a new section, Section 405.46 of Title 10 of the Official Compilation Codes, Rules and Regulations of the State of New York, and which would apply to all general hospitals in New York State. Governor Hochul plans to allocate $500 million to back the proposed regulation. [cite]
Continue reading…On Friday, September 15th, the United States Attorney’s Office for the District of Massachusetts (United States) and the Massachusetts Attorney General’s Office (Massachusetts) filed a joint complaint in the United States District Court for the District of Massachusetts against a Massachusetts-based substance abuse treatment provider. According to the complaint, the United States seeks to recover damages, restitution, and civil penalties against Bournewood Inc. d/b/a Bournewood Health Systems (Bournewood) and First Psychiatric Planners, Inc. d/b/a Bournewood Hospital (FPP) under the federal False Claims Act (FCA) and under the common law. Massachusetts seeks to similarly recover under the Massachusetts False Claims Act (MFCA), the Massachusetts Medicaid False Claims Act (MMFCA), common law. The case was initially filed as a qui tam whistleblower action in 2021 by the former operator of the group of sober homes, David Perry.
Continue reading…Prior authorizations, one of health insurers’ many “utilization management” techniques, is a hot topic amongst practicing physicians, patients, and regulators, to name a few. The prior-authorization process requires a health insurer to consent to a doctor’s proposed course of treatment for a patient before the insurer agrees to pay for any medical services the physician wishes to provide. The insurer’s consent is allegedly based on whether the prescribed treatment plan is considered “medically necessary” by the insurer.
Continue reading…