While digital health innovation empowers us to better manage our health and live more productive lives, it also poses myriad regulatory, strategic and operational challenges. Edited and authored by McDermott’s team of distinguished digital health lawyers, The Law of Digital Health offers an overview of the highly dynamic and integrated components of the digital health ecosystem, with the goal of helping businesses thrive in this ever-evolving landscape. Over five chapters, we explore a broad spectrum of digital health innovation opportunities and the corresponding value proposition; review current and evolving legal and regulatory frameworks, theories, interpretations, and policy and enforcement initiatives in both the public and private sectors; and provide practical planning and implementation strategies for achieving the appropriate balance between the benefits of digital health innovation opportunities and the need to manage associated legal and regulatory risks.
Ryan B. Marcus maintains a general health care practice. He advises hospitals health systems, and health industry clients on a variety of regulatory and transactional matters, including mergers, acquisitions, affiliations, and joint ventures. Read Ryan Marcus' full bio.
This past fall, after months of speculation, President Trump declared the opioid crisis sweeping the United States a national public health emergency. Upon the president’s declaration, Acting Health and Human Services Secretary Eric D. Hargan made a formal declaration under Section 319 of the Public Health Service Act, making available an exception to the Ryan Haight Online Pharmacy Consumer Protection Act of 2008 (the Haight Act) that would allow providers to prescribe controlled substances using telemedicine without first conducting an in-person visit. Currently, the Haight Act restricts the ability of a provider to prescribe controlled substances using telemedicine without first conducting an in-person examination, unless an exception applies. For a detailed discussion regarding the Haight Act and the restrictions on the use of telemedicine to prescribe controlled substances within the context of the treatment of opioid addiction and mental health generally, our latest article addresses the opioid crisis and access to mental and behavioral health providers.
The declaration of a public health emergency allows the US Drug Enforcement Agency (the DEA) to remove the restriction of prescribing controlled substances using telemedicine for the treatment of opioid addiction, but the DEA has not promulgated any rules or guidance on the subject. The lack of development has drawn the interest of Senators Claire McCaskill, Lisa Murkowski, and Dan Sullivan. The senators, in a January 30, 2018, letter to Robert Patterson, the acting administrator of the DEA, note that the restriction on the use of telemedicine from prescribing addiction treatment medications continues to have a harmful impact on rural Americans, citing specifically to Missouri, where 98 out of its 101 rural counties lack a licensed psychiatrist. In this letter, the senators call on Mr. Patterson to expedite the rulemaking process to create a special registration process to permit the prescription of opioid-based medication-assisted addiction therapies via telemedicine without first performing an in-person visit.
McDermott Will & Emery LLP will continue to monitor whether progress is made to develop this expedited rulemaking process and report updates on this blog.
The opioid epidemic is making the United States acutely aware of the horrors of substance abuse disorders and the limited means of treating the individuals suffering from addiction. Rural America is among the places hit hardest by opioid addiction while also having limited access to mental and behavioral health providers.
Telemedicine offers a viable solution to provider shortages, particularly with an eye toward mental health care professionals. Although telemedicine alone will not remedy the shortage of psychiatrists in the United States, the technology does possess the capability of greatly increasing access to them; however, a large driver of psychiatric care is provided through pharmaceutical treatments.
The ability for providers to prescribe pharmaceuticals, particularly controlled substances, to patients the provider has not seen in person is limited by the Ryan Haight Online Pharmacy Consumer Protection Act of 2008 (Haight Act). The relevance of the Haight Act, a law that went into effect almost nine years ago, has been revitalized, but the opioid epidemic and advances in psychiatric treatment are now demonstrating the law requires clarification through amendment to improve access to pharmaceutical treatments and, in turn, increase access to mental health care.
Reprinted with permission, copyright © 2018, The Bureau of National Affairs, Inc.
Throughout 2017, the health care and life sciences industries experienced a widespread proliferation of digital health innovation that presents challenges to traditional notions of health care delivery and payment as well as product research, development and commercialization for both long-standing and new stakeholders. At the same time, lawmakers and regulators made meaningful progress toward modernizing the existing legal framework in a way that will both adequately protect patients and consumers and support and encourage continued innovation, but their efforts have not kept pace with what has become the light speed of innovation. As a result, some obstacles, misalignment and ambiguity remain.
We are pleased to bring you this review of key developments that shaped digital health in 2017, along with planning considerations and predictions for the digital health frontier in the year ahead.
As the Federal Communications Commission repeals the Open Internet Order—more commonly known as the net-neutrality rules—health care consumers and providers have been left wondering how this change will affect their ability to receive and deliver health care using digital health tools. In this On the Subject, we outline how changes in internet access will affect digital health and what the regulatory landscape will look like in the coming months and years.
President Trump declared the opioid addiction epidemic a public health emergency yesterday. The White House made it clear that this declaration would allow officials to remove barriers to the prescribing of controlled substances via telemedicine, which would permit DEA registered providers to prescribe anti-addiction medications, such as Naloxone, to patients in need without first performing an in-person exam.
As background, the Ryan Haight Online Pharmacy Consumer Protection Act of 2008 (the Haight Act) requires a telemedicine provider who is prescribing a controlled substance to a patient to perform an in-person medical evaluation of the patient prior to prescribing a controlled substance, unless one of the narrow telemedicine exceptions set forth in the Haight Act applies. Additional information on the Ryan Haight Act and the implications of this declaration can be found here.
There are many important questions remaining to be answered, including whether any funding will be available to support the implementation of this declaration and whether the declaration will be renewed upon its expiration in 90 days. The answers to these questions are important to healthcare providers who will need to invest resources and time into developing telemedicine programs to reach more substance use disorder patients, which may take longer than 90 days to implement.
On September 29, the Federal Trade Commission (FTC) formally announced a December 12th workshop on informational injury—the injury a consumer suffers when information about them is misused. The workshop will address questions such as, how to characterize and measure such injury and what factors businesses and consumers should consider the benefits and risks of collecting, using and providing personal information so as to gain further perspective for how the FTC should apply its legal framework for privacy and security enforcement under 15 USC § 45 (Section 5). In her September 19th remarks to the Federal Communications Bar Association, Commissioner Maureen Ohlhausen, the Acting Chairman of the FTC, metaphorically characterized the workshop’s purpose as providing the next brushstrokes on the unfinished enforcement landscape the FTC is painting on its legal framework canvas. The full list of specific questions to be addressed may be accessed here.
Background. The FTC views itself as the primary US enforcer of data privacy and security, a role it recently assumed. While the FTC’s enforcement against practices causing informational injury through administrative proceedings goes back as far as 2002, its ability to pursue corporate liability for data security and privacy practices under its Section 5 “unfair or deceptive trade practices” jurisdiction was only ratified in 2015 by the US Court of Appeals for the Third Circuit in FTC v. Wyndham Worldwide Corporation. The FTC has actively invoked its enforcement authority but, in doing so, has been selective in determining which consumer informational injuries to pursue by questioning the strength of evidence connecting problematic practices with the injury, examining the magnitude of the injury and inquiring as to whether the injury is imminent or has been realized. Continue Reading Upcoming FTC Workshop on Informational Harm | Next Brushstrokes on the FTC’s Consumer Privacy and Security Enforcement Canvas
On July 31, 2017, President Donald Trump’s Commission on Combating Drug Addiction and the Opioid Crisis recommended that he declare the opioid epidemic a national emergency. In August 2017 and again on October 16, 2017, the president indicated he would declare the opioid crisis a national emergency. While it is apparent that the nation is suffering a drug overdose and opioid-specific crisis, the question remains as to what effect such a declaration would have on combatting the crisis.
The president’s powers to declare a national emergency arise from the Stafford Act, and once a national emergency is declared, it enables 1) access to US Department of Homeland Security ‒ Federal Emergency Management Agency (FEMA) funding, with states able to request grants for the specific purposes of treating opioid addiction; 2) the ability to re-appropriate federal agency workers, such as those employed by the agencies under the US Department of Health and Human Services (HHS) umbrella, to specifically research and treat opioid addiction; and 3) waiver of federal Medicaid regulations to provide additional aid to beneficiaries, ensuring sufficient health care items and services are available to meet the needs of beneficiaries. Such a declaration would undoubtedly open up both federal and state governments to formulate a comprehensive, unified strategy to combat the opioid epidemic sweeping the nation. Continue Reading The Opioid Crisis: Declaring a National Emergency and the Effect on Remote Prescribing through Telemedicine
The Office of the National Coordinator for Health Information Technology recently released a report (the Report) detailing user experience research on patient access to health data. The Report sought to examine the experiences of 17 individuals and processes of 50 health systems, with commentary from four medical record fulfillment administrators, to determine how the medical record request process can be improved for consumers. The Report ultimately concludes that patients and health care providers alike are in need of a well-defined process that is convenient, expedient and transparent.
The Health Insurance Patient Portability and Accountability Act (HIPAA) does not create a uniform process for storage and production of medical records across providers, and in-turn did not create a convenient request process for patients. Generally, patients have a right to access a designated record set, which includes 1) medical records and billing records about individuals maintained by or for a covered health care provider; 2) enrollment, payment, claims adjudication, and case or medical management record systems maintained by or for a health plan; and 3) other records that are used, in whole or in part, by or for the covered entity to make decisions about individuals. Upon receipt of a request by a patient to access their health records, the covered entity receiving the request must produce the records within 30 days. Prior to producing those records, however, the covered entity must verify the identity of the individual making the request. This often involves signature verification or similar processes.
As one of the last states to retain highly restrictive (and arguably anti-competitive) telemedicine practice standards, health care providers, regulatory boards, technology companies, payors and other stakeholders have been actively monitoring Texas’ approach to telemedicine regulation and the related Teladoc case. Texas has eliminated its most restrictive requirement for delivering care via telemedicine in Texas, increasing opportunities for providers to reach patients using technology. Senate Bill 1107 was passed on May 11, 2017, and the House added an amendment in passing Senate Bill 1107, which was approved in the Senate on May 18. The bill was signed into law by Governor Abbott last weekend.