Monthly Archives: March 2015

Another Health Plan Hit By Massive CyberAttack and Class Actions Follow

Coming fresh off the heels of the Anthem data breach Premera Blue Cross announced on March 17th that it was the victim of a “sophisticated” cyberattack that may have exposed the personal information of approximately 11 million of its members.  Premera has approximately 6 million members residing in the State of Washington, 250,000 members residing in Oregon and 80,000 members residing in Alaska.  Premera stated that the cyberattack began sometime in May of 2014 but was not discovered until the end of January 2015.   According to Premera, the information exposed may include social security numbers, bank account information, and medical and financial information, including clinical information.

Three state insurance commissioners (Washington, Oregon and Alaska) have already launched a joint investigation and a market conduct examination of Premera related to the breach.  The joint investigation will include on-site reviews of Premera’s financial books, records, transactions, and Premera’ cybersecurity.  The Washington Insurance Commissioner has expressed concern over the length of time (approximately six weeks) it took for Premera to notify his office of the attack.  Alaska’s governor ordered all state agencies to review their online security safeguards as well as those put in play by their business associates.  Premera is also conducting an internal forensic investigation by a cybersecurity firm and is cooperating with the FBI in a criminal investigation.

Combined with the cyberattacks on Community Health Systems and Anthem, this is the third large attack on a member of the health care industry announced in the last seven months, and these three breaches may have collectively impacted approximately 95.5 million people.   As these attacks illustrate, health information is now a high priority target for cybercriminals.  Currently a complete health record may be worth at least ten times more than credit card information on the black market as health records often include a wealth of personal information that can be used for identity theft and to file false health insurance claims.  Further, the data security protections currently in place in the health care industry tend to lag behind those in the banking and financial sector, which makes the information vulnerable to attack by those who view the valuable information as “low hanging fruit.”

Similar to the Anthem and the Community Health Systems breaches, Premera was immediately hit by a proposed class action accusing Premera of negligence and inadequate security.  The March 26, 2015 Complaint alleges that Premera breached its duty of care by failing to secure and safeguard the personal and health information of its members and negligently maintaining a system that it knew was vulnerable to a security breach.  The Complaint further alleges that Premera has a duty to secure and safeguard the personal health information of its members under HIPAA and its failure to implement security and privacy safeguards was a violation of HIPAA.  The Complaint also alleges violations of state consumer protection laws and data disclosure laws.

As evident by the Anthem and Premera breaches, a single security incident resulting in a data breach can have significant consequences for health care companies and business associates that include government investigations, class action lawsuits, and a hit to the organization’s reputation.  To manage this risk, we encourage all companies handling health information to conduct comprehensive risk assessments and to create, review and update their data security policies and procedures to ensure that they are doing enough to adequately protect the health information maintained on their IT systems and elsewhere in their organization.

About The Authors

Tags: , , ,

On the Horizon … A Possible “Permanent” Cure to Medicare’s “Doc Fix”

Posted by Ryan Blaney on March 27, 2015
Affordable Care Act, Medicare / No Comments

11In a historic bipartisan moment, the U.S. House of Representatives passed a nearly 300-page bill that is intended to “repeal the Medicare sustainable growth rate [“SGR”] and strengthen Medicare access by improving physician payments and making other improvements.” The legislation, titled the Medicare Access and CHIP Reauthorization Act of 2015, which is referred to as the Medicare “doc fix”, is the result of ongoing bipartisan efforts to resolve an unpopular physician reimbursement system that if not overridden each year would cut Medicare doctor’s pay by a notable percentage. The annual reimbursement cut would occur as required under the federal Balanced Budget Act of 1997 (the “BBA”), if not for the annual fixes set into motion by Congress. In a March 25, 2015 letter from the Congressional Budget Office (“CBO”) to House Speaker Boehner, the CBO explained that the BBA established the SGR formula “to ensure that real—that is, adjusted for inflation—spending per [Medicare] beneficiary for physicians’ services would grow on average at a rate of increase in gross domestic protect per capita minus the expected rate of increase in productivity for the economy as a whole.”

According to news outlets and press conferences, President Obama is ready to sign the bill once the Senate passes it. In the CBO’s letter to House Speaker Boehner, it estimated that this bill will increase:

  • The federal budget deficits by $141 billion;
  • Direct spending by approximately $145 billon; and
  • Revenues by approximately $4 billion.

Under the Bill, Medicare’s payment rates for services on the physician fee schedule would increase by 0.5 percent a year for services furnished through 2019.  From 2019 through 2025 payments will remain the same but Medicare doctors will be eligible for merit-based bonus payments consistent with Medicare initiatives such as care models that shift away from fee for services.

Many expected the Bill to pass the Senate on Friday, March 27th but the Bill was not put up for a vote and Senate Minority Leader Harry Reid and Majority Leader Mitch McConnell said the bill will not get a vote until mid-April when the Senate returns from its recess.  CMS has provided notice that they will be able to hold payment for 14 calendar days to avoid a rate cut.

For further information contact Cozen O’Connor’s health care team.  We will continue to monitor and provide updates.

About The Authors

Tags: , , , , , , ,

Going Paperless: FDA Releases Draft Guidelines to Digitize Clinical Trials

Posted by Ryan Blaney on March 12, 2015
Affordable Care Act, CMS, Medicare, Uncategorized / No Comments

 

FDA ShutterstockThe FDA released draft guidelines (“Guidelines”) on Monday, March 9, 2015 establishing recommendations on the use of e-media and processes to obtain informed consent for clinical investigations (trials) of medical products including human drug and biological products, medical devices and combinations. The Guidelines provide useful insight for how the FDA recommends clinical investigators, sponsors and institutional review boards (“IRB”) should use e-informed consent for a clinical trial.

The FDA defines e-informed consent as “using electronic systems and processes that may employ multiple electronic media (e.g., text, graphics, audio, video, podcasts and interactive Web sites, biological recognition devices, and card readers) to convey information related to the study and to obtain and document informed consent.” The FDA reminds clinical investigators and sponsors that informed consent is more than just a subject’s signature.  Informed consent – whether completed electronically or in paper form – includes providing prospective clinical trial participants with enough information regarding the research to enable them to make an informed decision regarding whether to participate in the study. The subjects must have “adequate information” about the research.  Clinical investigators and sponsors may use video conferencing (i.e. Skype) to answer a subject’s questions about the clinical trial.

The Guidelines also include a question and answer section containing 14 inquires such as:

  • How information in an e-informed consent should be presented to subjects;
  • How/where e-informed consent processes should be conducted; and
  • How/when questions from subjects should be answered.

Similar to CMS and states recognizing the authenticity of e-signatures, this guidance demonstrates the FDA’s desire to digitize health care and respond to the increased patient access to clinical trials in states passing “right-to-try” bills.  Right-to-try bills generally permit doctors and terminally ill patients to negotiate directly with drug companies to obtain experimental drugs that have passed Phase-I trials. Stay tuned for a forthcoming Health Law Informer blog announcing the FDA’s release of the e-informed consent final guidelines, which clinical investigators, sponsors and IRBs will want to consider implementing.

For further information contact the Cozen O’Connor’s health care team or the authors Ryan P. Blaney (Washington, DC) and J. Nicole Martin (Philadelphia, PA).

About The Authors

Tags: , , , ,

Practice Leasing: An Alternative Worth Considering

Posted by Chris Raphaely on March 11, 2015
Practice Leasing / No Comments

As hospitals look to forge alignments with medical staff physicians and many “independent” physicians consider whether they want to become employees of a hospital or health system or remain independent operators of their own practice, a practice lease arrangement may provide a very attractive alternative. Under the typical lease arrangement the institution leases the practice, including the practices operations, premises, physicians and other professional staff.

In this arrangement the institution does not acquire nor does it employ the physicians, but it does gain many, if not all, of the material benefits of a practice  acquisition and physician employment during the term of the lease. The arrangement also gives the physician(s) in the practice the opportunity to evaluate what it might be like to work with the institution in an employment arrangement without selling his/her practice and making the full commitment to employment. If either party prefers not to continue the lease arrangement beyond the lease term, the unwind is typically much easier than a typical employment or acquisition transaction.

The lease arrangement can also be used to successfully navigate through valuation issues that can arise with the acquisition of a practice that has historically generated significant ancillary revenue from services like infusion therapy or imaging services. Cozen O’Connor attorneys have experience establishing lease arrangements and stand ready to assist providers who might  consider this alternative to physician acquisition and employment.

About The Authors

Tags:

Co-Chair of Cozen O’Connor’s Health Care Practice Discusses the Affordable Care Act in the New York Times

Posted by Chris Raphaely on March 10, 2015
Affordable Care Act, Medicaid / No Comments

Mark H. Gallant, co-chair of Cozen O’Connor’s Health Care practice group and a nationally respected health care lawyer, was quoted in a recent New York Times article discussing the Supreme Court arguments in the case, King v. Burwell. At issue in the case is the right to federal subsidies for the purchase of health insurance by individuals who reside in states that have chosen to have the federal government run their health insurance exchange.  If decided for the plaintiffs, the case could have a drastic effect on the future of the controversial Affordable Care Act.

Mark has been a go-to contact for the press on these type of issues for many years, recently providing insight into another Supreme Court case regarding the rights of providers to sue states over Medicaid payment rates in Bloomberg Business News. With the Affordable Care Act’s mandate to expand health care coverage and states still facing significant budgetary constraints, various media outlets will no doubt be seeking out Mark’s insights as the issues surrounding the payment for expanded health care coverage play out.

Some Supreme Court Justices Cite 2012 Argument Against Health Care Law as Defense for It Now – New York Times – March 8, 2015

Why the Supreme Court’s Medicaid Decision Matters – Bloomberg Business – January 20, 2015

About The Author

Tags: , ,