Insights on Health Care

The Office for Civil Rights (OCR) recently began its second round of audits of covered entities and business associates for compliance with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule (the “Phase 2” audits).

The California Office of the Attorney General (OAG) recently released a report detailing a comprehensive analysis of the data breaches reported to the OAG between 2012 and 2015.

On May 6, 2016, CMS published in the Federal Register a request for comments on proposed revisions to the information to be collected pursuant to the CMS Voluntary Self-Referral (Stark) Disclosure Protocol (SRDP).

In March 2012, the Centers for Medicare & Medicaid Services (CMS) enhanced its Medicare enrollment screening for new and existing enrollees to the Medicare program. Providers not meeting CMS’s enhanced enrollment screening risk denial, revocation, or deactivation of Medicare billing privileges.

Arent Fox Health Care partner Linda A. Baumann was quoted extensively in Bloomberg BNA’s Health Care Fraud Report in an article on recent concerns surrounding the Stark Law that prohibits physician self-referrals.

Texas Health and Human Services Commission (HHSC) has finally issued final regulations transitioning to the use of the National Average Drug Acquisition Cost (NADAC) to establish Medicaid ingredient cost reimbursement instead of utilizing manufacturer-reported prices.

In a surprising move that could dramatically impact government enforcement actions against life science companies, the health care industry, and government contractors, a federal board has increased federal False Claims Act penalties by more than 100 percent. 

The Department of Justice recently announced it has reached a more than $780 million settlement with Pfizer Inc. and its subsidiary Wyeth to resolve reported false pricing allegations.

Partners Jacques Smith and David Greenberg spoke with AHLA Weekly after the US Supreme Court heard oral argument on April 19 in a major False Claims Act case that has far-reaching implications for the health care industry and other highly-regulated sectors reliant on government funding.

VA recently announced a significant policy change that will now require drug manufacturers to make drugs that are “covered drugs” under the Veterans Health Care Act (VHCA) available to the VA under the manufacturer’s Federal Supply Schedule (FSS) contract.

Covered entities and business associates subject to HIPAA Security Rule are closer to getting a benchmark for encryption standards with the release of the Standards and Guidelines Development Process in late March by the National Institute of Standards and Technology (NIST).

The Program Notice provides some guidance on how generic drug manufacturers are to calculate the new Additional Discount on generic drugs that will become part of the rebate due state Medicaid programs under the Medicaid Drug Rebate Program.

On April 14, 2016, the European Union formally adopted a new scheme – known as the EU General Data Protection Regulation (GDPR) – to protect the personal data of European residents.

On April 5, 2016, Chairwoman Edith Ramirez of the Federal Trade Commission (FTC) announced the release of a new web-based tool to assist developers of mobile health apps in understanding what federal laws they must comply with.

Today, the Department of Health and Human Services announced that it is re-opening the comment period on its June 17, 2015 proposed rule (the Proposed Rule).

On April 11, 2016, the Centers for Medicare and Medicaid Services (CMS) announced its Comprehensive Primary Care Plus (CPC+) initiative.

The US Supreme Court is set to hear oral arguments on April 19 in Universal Health Services, Inc. v. United States ex rel. Escobar, a key case addressing the implied certification theory of liability under the False Claims Act. 

In the wake of the recent ransomware attack on Hollywood Presbyterian Medical Center, news reports have emerged that at least three more medical centers and a large health care system have been the victims of these attacks.

On March 21, 2016, the US Department of Health and Human Services Office for Civil Rights (OCR) announced it was beginning its next round of audits of covered entities and business associates for compliance with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.

Federal prosecutors appearing at the American Conference Institute’s 16th Annual Forum on Fraud and Abuse in the Sales and Marketing of Medical Devices earlier this month outlined recent enforcement trends that should catch the attention of the health care industry.

If finalized, the Proposed Rule would represent the most dramatic change in Part B Drug reimbursement since the enactment of the Medicare Modernization Act.

These proposed changes to the rules governing the confidentiality of substance abuse treatment records mark the first time the regulations have been subject to revision since 1987.

The Centers for Medicare and Medicaid Services (CMS) intend to strengthen provider and supplier enrollment screening – meaning, scrutinizing providers and suppliers more closely during enrollment – according to a February 22, 2016 post on its blog. 

As pay-for-performance programs continue to expand in both scale and scope across the US health care system, the amount of administrative and clinical resources necessary to participate in these programs has correspondingly grown.

In a recent decision, a US Department of Health and Human Services (HHS) Administrative Law Judge (ALJ) agreed with the HHS Office of Civil Rights (OCR) that Lincare, Inc. d/b/a United Medical had violated HIPAA.