The digitization of health care and the proliferation of electronic medical records is happening rapidly, generating large quantities of data with potential to provide valuable insights into disease and wellness and help solve challenging public health problems.

There is tremendous enthusiasm over the possibilities of leveraging this data for secondary use–i.e., a use of data that is distinct from the purpose for which it was originally collected. However, such secondary use is often subject to intersecting legal and regulatory regimes–including HIPAA, the Common Rule, and the Federal Food, Drug, and Cosmetic Act and its implementing regulations–that are not fully harmonized.  This lack of harmonization in requirements, coupled with the wide range of industry players involved–including regulators, academic medical centers, health systems, payers, technology companies, manufacturers and industry entities, research institutions, registries, and professional societies, to name a few– presents challenges that require careful planning and implementation. While regulators have recently taken significant steps to reconcile the differences among these laws and provide a path forward for harnessing the potential of big data, some specific requirements within these individual regulations continue to present challenges.

It is critical for academic medical centers and teaching hospitals, which stand at the intersection of government-funded research and industry-sponsored research, and are also paving the way in partnerships with non-traditional health care players—to understand the evolving legal framework and business and compliance imperatives behind the quest for digital health information.

During the AHLA Annual Meeting on Tuesday, June 26, McDermott partner Jiayan Chen will review trends and the value proposition relating to secondary use, with a particular focus on challenges presented by secondary use in the precision medicine and digital health context.  Along with co-presenter Leah Voigt, she will explore key regulatory and sub-regulatory developments relating to the secondary use of data under FDA regulations, the Common Rule, and HIPAA, and will also use case studies to explore, in a practical context, the challenges and ambiguities that remain when pursuing internal secondary use initiatives and external collaborations, including implementation and contracting tips, insights, and strategies.

Recycle, Recycle, Recycle: Key Considerations for Research, Medical Education, and Other Secondary Uses of Data
AHLA Annual Meeting, Chicago, IL | June 26, 2018 | 9:45 – 10:45 am | Registration and program details.

McDermott’s Cocktail Reception during the AHLA Annual Meeting
The Art Institute of Chicago | June 26, 2018 | 6:00 – 8:00 pm
Following the programming on Tuesday, we invite you to join us for our annual cocktail reception at The Art Institute of Chicago. We look forward to an evening of networking, cocktails and private gallery tours with our colleagues, friends and fellow AHLA members. RSVP today!

Fortune’s April 2018 cover story, “Tech’s Next Big Wave: Big Data Meets Biology,” conveys loudly and clearly that technological innovation is transforming the health care continuum—changing the way care is delivered, as well as how patients manage their ongoing health—and as patient demand for health innovation increases, more companies seem eager to hop on the digital health bandwagon. The article provides a thoughtful, realistic (and somewhat sobering) perspective on digital health innovation’s successes and other results to date. It also quite effectively uses real world stories to convey the human dimension of digital health. One is the story of a mother who manually sampled and recorded her son’s glucose levels 20 times a day before an automated monitoring system connected to a mobile app allowed them both to live their lives without constant interruption by this critical care management function. Another describes use of an artificial intelligence “command center” to expedite access to life-saving surgery by a man with an aortic dissection. These real-world examples drive home the fact that digital health is already making a profound difference in our lives by removing barriers to care that are critical to saving lives and managing chronic diseases.

What the article does not touch on, however, are the myriad, complex legal challenges that must be addressed at the earliest stages of the planning process and the intensifying interest of government oversight and enforcement bodies, such as the Federal Trade Commission, the Food and Drug Administration, the Office of Civil Rights of the Department of Health and Human Services, and the Securities and Exchange Commission, interested in protecting the safety and privacy of patients and consumers. Just last month, we saw the SEC charge Theranos’ CEO Elizabeth Holmes with fraud for allegedly misleading investors about the company’s ability to detect health conditions from a small sample of blood. Earlier this year, another “unicorn” start-up, Outcome Health, settled with the federal government after The Wall Street Journal reported that they allegedly misled advertisers with manipulated information. The United States has also brought claims against the private equity company investor of a compounding pharmacy that allegedly paid illegal kickbacks to marketing firms to induce prescriptions written by telemedicine providers for costly compounded drugs reimbursed by TRICARE.

Opportunities and Challenges of the Patient Data “Gold Rush”

Eric Topol, MD, director at the Scripps Research Institute, told Fortune that “the quest to retrieve, analyze and leverage” data “has become the new gold rush. And a vanguard of tech titans—not to mention a bevy of hot startups—are on the hunt for it.” There is no doubt that harnessing and analyzing big data provide virtually limitless fuel for digital health innovation of the type patients and consumers are demanding and that tech companies are eager to develop and commercialize. While optimism about the quest for big data is certainly justified, it must be tempered by caution and careful consideration of complex, multi-dimensional legal and regulatory requirements that can shape the strategy for the exchange, use and exploitation of identifiable personal health data and other personal data.  As innovation continues to move in many directions and at light speed, it can be easy to get wrapped up in the excitement, but it’s worth taking a step back to take a look at the legal implications of doing so.

There are many current laws protecting patient data privacy, confidentiality and security that limit the type and extent of data-sharing that patients and digital health technology innovators demand. For instance, some state and federal privacy laws that protect particularly sensitive information (e.g., information concerning HIV/AIDS, mental health, substance abuse, and genetic testing and counseling) are more restrictive than the Health Insurance Portability and Accountability Act (HIPAA) and may require express written patient consent for uses and disclosures that HIPAA would permit without consent, and the Genetic Information Nondiscrimination Act of 2008 also limits access to genetic information by group health plans, health insurers and issuers of Medigap policies.

Prioritizing Comprehensive Compliance Programs

While the Fortune article states that transformative technologies are putting consumers “in the driver’s seat,” there are still legal barriers that are currently keeping them in the passenger seat. To that end, and at the earliest stage of the research and development life cycle, companies must thoroughly think through key compliance considerations such as the nature and frequency of necessary patient and consumer consents, how they will substantiate claims they make in marketing and selling a product, what pre‑market regulatory approvals they need to obtain and how they will support the application for such approvals, to name just a few. A comprehensive corporate compliance program that incorporates the essential elements identified by the Office of the Inspector General can help companies identify, address and manage regulatory and compliance challenges before they become a serious problem that will threaten the success of the digital health initiative and expose them to government enforcement actions and third party lawsuits.

To learn more about the legal barriers that exist in the digital health space, as well as the need for and value of a proper and thorough compliance program, read “The Law of Digital Health,” written by members of the McDermott Will & Emery Digital Health Team. Be sure to also stay up to speed on all of the regulatory challenges and growth opportunities in health care technology today by bookmarking our “Of Digital Interest” blog.

Follow us on LinkedIn at McDermott Will & Emery LLP.

Earlier this month, more than 45,000 attendees descended on Las Vegas, NV, for the nation’s largest annual health care technology conference: the 2018 HIMSS Conference & Exhibition (HIMSS18). Conversations and educational sessions covered a wide range of health tech topics, with thought leaders, solutions developers, health system executives, patient advocates and care providers coming together to discuss the myriad obstacles and opportunities facing the health care technology industry today.

On Tuesday March 6, during the HIMSS conference, McDermott Will & Emery along with our friends at Capstone Headwaters convened a panel discussion on “Financing High-Growth Healthcare IT Companies, which I had the pleasure of moderating. The seasoned mix of health care finance and private equity professionals discussed the various types and sources of capital available to fuel high-growth health IT organizations and how to choose the right mix of capital to support a company’s growth needs. We also reviewed the legal and regulatory implications for investments in health care IT companies, and discussed considerations for optimal positioning in a value-based care environment.  Continue Reading Financing High-Growth Health IT Companies: McDermott and Capstone’s Panel Recap from HIMSS 18

Designed to provide business leaders and their key advisors with the knowledge and insight they need to grow and sustain successful digital health initiatives, we are pleased to present The Law of Digital Health, a new book edited and authored by McDermott’s team of distinguished digital health lawyers, and published by AHLA.

Visit www.mwe.com/lawofdigitalhealth to order this comprehensive legal and regulatory analysis, coupled with practical planning and implementation strategies. You can also download the Executive Summary and hear more about how Digital Health is quickly and dynamically changing the health care landscape.

Explore more!

The General Data Protection Regulation (GDPR) establishes protections for the privacy and security of personal data (Personal Data) about individuals in the European Union (EU) single market countries, and potentially affects the clinical and other scientific research activities of academic medical centers and other research organizations in the United States.

This On the Subject includes frequently asked questions that discuss the extent to which United States research organizations must comply with GDPR when conducting research. Future coverage will address the impact of GDPR on other aspects of the United States health care sector.

Continue reading.

Enforceable in all EU member states on 25 May 2018, the General Data Privacy Regulation will require action by organisations both inside and outside the European Union to ensure compliance with this far-reaching privacy legal framework. Compliance is even more urgent given that the GDPR provides for large penalties in cases of infringement. As some entities are not yet aware of the extent to which GDPR may be applicable to them, the GDPR expressly applies to organisations established outside the European Union that offer paid or free goods or services to EU data subjects or monitor EU data subjects’ behaviour.

Within this article, we review steps for a risk based, prioritization approach to GDPR compliance and how companies can adjust their policies and practices on a pragmatic basis to help ensure compliance.

Continue reading.

On January 30, Attorney General Jeff Sessions announced a surge of Drug Enforcement Administration (DEA) agents and investigators over the coming month and a half, focused on pharmacies and prescribers who are dispensing unusual or disproportionate amounts of opioid drugs. The DEA will examine distribution and inventory data reported to the DEA by prescription drug manufacturers and distributors for “patterns” and “outliers” for further investigation.

Read the full On the Subject.

As digital health innovation continues to move at light speed, both new and incumbent stakeholders find themselves on a new frontier—one that challenges traditional health care delivery and payment frameworks, in addition to changing the landscape for product research, development and commercialization. Modernization of the existing legal framework has not kept pace with the rate of digital health innovation, leaving no shortage of obstacles, misalignment and ambiguity for those in the wake.

What did we learn in 2017 and what’s to come on the digital health frontier in the year ahead? From advances and investments in artificial intelligence (AI) and machine learning (ML) to the increasingly complex conversion of health care innovation and policy, McDermott’s Digital Health Year in Review details the key developments that shaped digital health in 2017, along with planning considerations and predictions for the health care and life science industries in 2018.  Continue Reading On the Digital Health Frontier: Developments Driving Industry Change in 2018

Stephen Bernstein, global chair of McDermott’s Health Industry Advisory Practice Group, sat down with This Week in Health Innovation at the J.P. Morgan Healthcare Conference in San Francisco.

Stephen and Dr. Andre Berger, CEO of National ACO, discussed the role of advancing technologies in enhancing collaboration between key players in digital health—including doctors, heath plans, investors, and consumers and patients—and how digital health is necessary for improving care delivery and managing costs.

Listen to the full podcast.

Throughout 2017, the health care and life sciences industries experienced a widespread proliferation of digital health innovation that presents challenges to traditional notions of health care delivery and payment as well as product research, development and commercialization for both long-standing and new stakeholders. At the same time, lawmakers and regulators made meaningful progress toward modernizing the existing legal framework in a way that will both adequately protect patients and consumers and support and encourage continued innovation, but their efforts have not kept pace with what has become the light speed of innovation. As a result, some obstacles, misalignment and ambiguity remain.

We are pleased to bring you this review of key developments that shaped digital health in 2017, along with planning considerations and predictions for the digital health frontier in the year ahead.

Read the full Special Report.