Google has confirmed that it is working with Ascension, one of the nation’s largest health systems in a project that will involve the health data of millions of Americans.  Google and Ascension have partnered in a project to store and analyze patient data with the intended goal of using Google’s artificial intelligence tools to enhance patient care and medical decision making.  As a result of this partnership, it has been estimated that over 100 Google employees may have access to sensitive patient data such as name, birth date, diagnoses and treatments.  Such access by Google to millions of patient’s health data has resulted in some concern over how the data will be protected, including a recently announced inquiry into the relationship by the U.S. Department of Health and Human Services’ Office of Civil Rights (“OCR”).  OCR has stated that it “would like to learn more information about this mass collection of individuals’ medical records with respect to the implication for patient privacy under HIPAA.”  Ascension has said that the project with Google has complied with the law and followed the healthcare organization’s “strict requirements for data handling.” 

We will continue to follow this important story.  Several other tech companies continue to try to gain a bigger share of America’s health care market, which will all have to be balanced with patient data privacy and security concerns.

CMS finalized the Outpatient Prospective Payment System hospital price transparency rules on November 15, 2019. As of January 1, 2021, hospitals will have to publicly post (and update annually) two sets of data: first, a comprehensive list of standard charges for items services offered by the hospital, and second, a consumer-friendly list of 300 “shoppable” services, including 70 selected by the Centers for Medicare and Medicaid Services (“CMS”).

The first transparency requirement states that each hospital operating within the United States must establish and make public a list of the hospital’s standard charges for items and services provided by the hospital, including diagnosis-related groups (DRGs). Standard charge is defined as “the regular rate established by the hospital for an item or service provided to a specific group of paying patients. This includes: (i) gross charge, (ii) payer-specific negotiated charge, (iii) de-identified minimum negotiated charge, (iv) de-identified maximum negotiated charge, and (v) discounted cash price.” Items and services is defined as “all items and services, including individual items and services and service packages, that could be provided by a hospital to a patient in connection with an inpatient admission or an outpatient department visit for which the hospital has established a standard charge.” Examples include supplies and procedures and room and board.

CMS today issued its Price Transparency Requirements for Hospitals Final Rule, which will go into effect on January 1, 2021. (CMS had initially proposed that it go into effect January 1, 2020, but agreed that that deadline was too “challenging”).  Hospitals will be required to post on a public website, among other things, the “payer-specific negotiated charges” for each payer and plan.  These negotiated rates have typically been subject to lock and key treatment through confidentiality agreements.  Noncompliance with the rules may result in corrective action plans (CAPs), civil monetary penalties (CMPs) of $300 per day (indexed to an inflation factor), and a public notice of the CMP on a CMS website. Under the rules, CMS can issue “subsequent” CMPs for continued noncompliance. A link to the Final Rule is here: https://www.hhs.gov/sites/default/files/cms-1717-f2.pdf.

The Trump Administration has also issued a proposed “Transparency in Coverage” rule that would require plans to give consumers access to a tool providing an estimate of their cost-sharing liability for all covered healthcare items and services.  It would also require plans to list on a website their negotiated rates for in-network providers and the allowed amounts paid for out-of-network providers.  A link to the Proposed Rule is here: https://www.hhs.gov/sites/default/files/cms-9915-p.pdf. 

We will continue to analyze and monitor these rules.  Stay tuned.