CMS today issued its Price Transparency Requirements for Hospitals Final Rule, which will go into effect on January 1, 2021. (CMS had initially proposed that it go into effect January 1, 2020, but agreed that that deadline was too “challenging”). Hospitals will be required to post on a public website, among other things, the “payer-specific negotiated charges” for each payer and plan. These negotiated rates have typically been subject to lock and key treatment through confidentiality agreements. Noncompliance with the rules may result in corrective action plans (CAPs), civil monetary penalties (CMPs) of $300 per day (indexed to an inflation factor), and a public notice of the CMP on a CMS website. Under the rules, CMS can issue “subsequent” CMPs for continued noncompliance. A link to the Final Rule is here: https://www.hhs.gov/sites/default/files/cms-1717-f2.pdf.
The Trump Administration has also issued a proposed “Transparency in Coverage” rule that would require plans to give consumers access to a tool providing an estimate of their cost-sharing liability for all covered healthcare items and services. It would also require plans to list on a website their negotiated rates for in-network providers and the allowed amounts paid for out-of-network providers. A link to the Proposed Rule is here: https://www.hhs.gov/sites/default/files/cms-9915-p.pdf.
We will continue to analyze and monitor these rules. Stay tuned.
CMS recently issued long-awaited draft guidance on hospital co-location with other hospitals or healthcare facilities, providing some potential insight on the otherwise ambiguous prohibition on “shared space.” This prohibition loosely stems from the requirement that a Medicare participating hospital is evaluated “as a whole” for compliance with the Conditions of Participation (“CoP”), among other state and federal regulatory requirements. Previously, it was believed that the provider based regulations at 42 C.F.R. § 413.65 governed this prohibition (this section was cited in a 2016 memorandum from the Pennsylvania Department of Health), but the CMS guidance did not cite this particular section. 
We previously 
A Houston federal judge preliminarily enjoined the government from recouping alleged Medicare overpayments made to an ambulance service company facing bankruptcy. See Adams EMS, Inc. v. Azar, No. H-18-1443, 2018 BL 391263 (S.D. Tex. 2018).
Last Friday, in 
On November 1, 2018, CMS issued a 2,379 page final rule titled “
In the wake of the largest U.S. health care data breach in history, Anthem, Inc., has agreed to pay $16 million to the Office for Civil Rights, which is a record settlement for alleged HIPAA violations. According to the Department of Health and Human Services (“HHS”), the previous high was a $5.55 million settlement paid in 2016. In addition to the monetary payment, Anthem has also agreed to take “substantial” corrective action to help prevent a similar breach from occurring in the future.
As US companies continue to spend time and effort complying and responding to all of the new privacy laws and regulations both in the United States and aboard (i.e.