General Interest Archives - OF DIGITAL INTEREST

General Interest

China’s Network Security Law Comes into Effect: What It Means for Your Company

by Jared T. Nelson and Jenny Z.N. Chen | Jun 1, 2017 | Cybersecurity, General Interest

Today, China’s much anticipated Network Security Law comes into effect after two years of review, revisions over three drafts and a public commenting process. The law is a historical development for China’s legislative coverage of information security and data protections. It also represents one of the strictest approaches in any jurisdiction worldwide, and a continuation of a broader effort at demonstrating the government’s cyber-sovereignty goals through control and regulation of data and the internet.

Overview of the Network Security Law

Commonly referred to as the “Cybersecurity Law,” the new piece of legislation has a broad scope and covers a range of issues related to data privacy, security and cross-border transfers, including:

Increasing security measures and strengthening data security through a variety of specific obligations
Ensuring consent for collection of personal information through the principles of legality, proper justification and necessity
Screening equipment and products for security testing and certification
Ensuring real-name registration for users
Strengthening requirements to cooperate with government agencies during criminal investigations or to protect national security
Requiring personal information to be stored in China under some circumstances
Increasing confidentiality measures for user information
Setting up a complaint and reporting platform for network security

(more…)

More Federal Legislation Aimed at Expanding Medicare Coverage of Telehealth Services

by McDermott Will & Emery, Dale C. Van Demark, Lisa Mazur and Marshall E. Jackson, Jr. | Apr 11, 2017 | Consumer Protection, Data Privacy, General Interest, Telehealth

Late last month, Senator Cory Gardner (R-CO) and Senator Gary Peters (D-MI) introduced Senate Bill 787, the Telehealth Innovation and Improvement Act (Telehealth Improvement Act), which is focused on expanding Medicare’s currently limited coverage of telehealth services and opportunities for innovation.

The Telehealth Improvement Act would require the Center for Medicare and Medicaid Innovation (CMMI) to test the effect of including telehealth services in Medicare health care delivery reform models. More specifically, the Act would require CMMI to assess telehealth models for effectiveness, cost and quality improvement, and if the telehealth model meets these criteria, then the model will be covered through the Medicare program. (more…)

The TCPA: An Unexpected Deterrent to Patient Engagement Tools

by Amy C. Pimentel | Mar 31, 2017 | Advertising & Marketing, Consumer Protection, General Interest, Telehealth, Text Messaging

In an age where providers are increasingly taking the management of their patient’s health online and out of the doctor’s office, the creation of scalable and nimble patient engagement tools can serve to improve patient experience, health care outcomes and health care costs. While the level of enthusiasm for these tools is at an all-time high, there is a growing concern about the unexpected deterrent to the adoption of these tools from an unlikely source: the Telephone Consumer Protection Act of 1991 (TCPA).

Many professionals in the health industry have come to share two misconceptions about the TCPA: first, that the TCPA only applies to marketing phone calls or text message “spam,” and second, that the TCPA does not apply to communications from HIPAA covered entities to their patients/health plan members. These misconceptions can be costly mistakes for covered entities that have designed their patient engagement outreach programs without include a TCPA compliance strategy.

Compliance Challenges

As discussed in a previous post, the TCPA was originally intended to curb abusive telemarketing calls. When applying the law to smarter and increasingly innovative technologies (especially those that we see in the patient engagement world), the TCPA poses significant compliance challenges for the users of these tools that arguably threaten to curb meaningful progress on important public health and policy goals.

Despite its initial scope of addressing robocalls, the TCPA also applies to many automated communications between health care providers and their patients, and between plans and their members. There is a diverse array of technical consent requirements that apply depending on what type of phone call you make. For instance, most auto-dialed marketing calls to cell phones require prior express written consent, meaning that the caller must first obtain written consent before making the call. To make compliance more compliance, callers remain responsible for proving consent and the accuracy of the numbers dialed.

Indeed, the TCPA presents a serious challenge for patient engagement tools, especially when violations of the TCPA can yield statutory damages of up to $1,500 per call or text message. While Federal Communications Commission orders over the past several years have added some clarity and a “safe harbor” for HIPAA-covered entities to help entities achieve compliance, there is still no “free pass” from the TCPA’s requirements. Therefore, covered entities and the business associates who work for them should not assume that compliance with HIPAA offers any security of defense against a successful claim under the TCPA.

(more…)

Utah Provides Structure to Telehealth, Expands Access to Mental Health in Proposed Bill

by McDermott Will & Emery, Lisa Mazur and Marshall E. Jackson, Jr. | Mar 13, 2017 | General Interest, Telehealth

Utah is one of the many states that started off 2017 with proposals to change its existing telehealth laws and regulations. Proposed Utah HB 154 (the Proposed Bill), endorsed by Ken Ivory and Allen Christensen, amends the regulatory infrastructure for telehealth, with a focus on mental health. Two of the key components of the Proposed Bill are listed below:

The Proposed Bill creates a scope of telehealth practices within the Utah Health Code. Under the scope of practice requirements, any provider using telehealth to provide care will be held to the same standard of care as that applicable to in-person care. In addition, the Proposed Bill stipulates that a provider may not prescribe using telehealth unless the provider has obtained the patient’s relevant clinical history and documented the relevant clinical history and current symptoms. The provider must also be available for follow-up care and familiar with available medical resources near where the patient was located during the telehealth consult.
The Proposed Bill enacts a new provision to the Utah Medical Assistance Act specifically enabling the provision of mental health services—treatment of mental conditions that are approved in the DSM-V—via telehealth technologies. This provision of the Proposed Bill is Utah’s attempt to increase access to behavioral and mental healthcare services in Utah. In particular, the DSM-V addresses substance abuse disorders as mental health disorders, and the telehealth provision will enable providers to help treat addiction using telehealth services where treatment facilities may not otherwise be available. Importantly, the Proposed Bill’s Medical Assistance Act amendment applies to any managed care organization that contracts with Medicaid, or any provider who is reimbursed under the Medicaid program, and requires insurers to disclose whether they provide coverage for telehealth services for mental health as part of the price and value comparison requirement under Utah law.

The Proposed Bill was passed by both the Utah House of Representatives and Senate and was enrolled on February 24, 2017. The Proposed Bill now awaits Governor Gary Herbert’s signature. If approved, the Proposed Bill will greatly expand access to health care for the mentally ill in Utah, and additionally provide more guidance to assist in the expanded use of telehealth and telemedicine services within the state.

Texas to Take a Leap Forward in Telehealth – A Proposed Bill Drops the Controversial In-Person Evaluation Requirement

by McDermott Will & Emery, Dale C. Van Demark, Lisa Mazur and Marshall E. Jackson, Jr. | Mar 9, 2017 | General Interest, Telehealth

Texas telehealth requirements will significantly change in the near future if Texas Senate Bill 1107 is passed into law, as it removes the controversial “face-to-face” or in-person consultation requirement to establish a physician-patient relationship and lawfully provide telehealth and telemedicine services within the state. This bill comes after a six-year-long battle between telemedicine stakeholders and the Texas Medical Board, and will better align Texas’ regulations with those found in other states.

Read the full article.

What You Need to Know about Changes to the Common Rule

by Lisa Mazur, Bernadette M. Broccolo, Chelsea M. Rutherford, Jennifer S. Geetter and Jiayan Chen | Feb 10, 2017 | Data Privacy, General Interest, Uncategorized

The Final Rule published by the US Department of Health and Human Services on January 18, 2017, largely avoids major modifications to the Common Rule. However, it specifically addresses creation of biospecimen and data repositories and use of those repositories for secondary research. All stakeholders involved in federally funded research should be aware of the Final Rule’s changes and prepare to implement them.

Read the full article here.

HHS Finalizes Overhaul of Federal Human Subjects Research Protections

by Chelsea M. Rutherford and Jennifer S. Geetter | Jan 18, 2017 | Data Privacy, General Interest, Uncategorized

On January 18, 2017, the Department of Health and Human Services (HHS) and 15 other federal agencies issued a final rule overhauling the federal human subjects research regulations known as the “Common Rule.” These are the first revisions to the Common Rule since its original enactment in 1991, and have been in progress since HHS first published an Advanced Notice of Proposed Rulemaking in July 2011. According to the press release accompanying the final rule, HHS made “significant changes” to its most recent proposals (published in September 2015) in response to the 2,100+ public comments they received.

The majority of the Common Rule’s changes and new provisions will go into effect in 2018. We are reviewing the final rule in detail, and a summary of changes and new provisions is forthcoming.

OMB Reviewing Common Rule Overhaul

by Chelsea M. Rutherford and Jennifer S. Geetter | Jan 6, 2017 | Data Privacy, General Interest, Uncategorized

On January 4, 2017, the Department of Health and Human Services (HHS) submitted a draft final rule to amend the federal human research regulations to the Office of Management and Budget (OMB). These regulations, often referred to as the Common Rule, were originally developed in 1991 and have been adopted by multiple federal departments and agencies. OMB review is the last step before final publication and suggests that HHS is trying to release a final rule before President Obama leaves office on January 20, 2017.

Through its Office for Human Research Protections (OHRP), HHS initially published an Advanced Notice of Proposed Rulemaking in July 2011. The Advanced Notice generated significant controversy and OHRP did not publish a notice of proposed rulemaking (Proposed Rule) for over four years, ultimately doing so on September 8, 2015. The Proposed Rule, like its earlier Advanced Notice counterpart, suggested major changes to the Common Rule, including changes to its overall jurisdictional scope, requirements relating to secondary use of biospecimens and individually identifiable information, and the general research review and oversight process.

Since the Proposed Rule’s publication, OHRP has received significant feedback from both industry and expert advisory groups about the proposed changes and their overall impact. While certain proposed changes have been applauded, the Proposed Rule has also generated considerable concern and uncertainty among stakeholders.

The current status of OMB’s review is pending.

The Joint Commission Puts the Brakes on Text Messaging Patient Orders

by Sandra M. DiVarco | Dec 28, 2016 | Data Privacy, General Interest, Telehealth, Text Messaging, Uncategorized

The Joint Commission (TJC) recently clarified that licensed independent providers (LIPs) or other practitioners may not utilize secure text messaging platforms to transmit patient care orders. TJC’s earlier position provided that use of secure text messaging platforms was an acceptable method to transmit such orders, provided that the use was in accordance with professional standards of practice, law and regulation, and policies and procedures.

TJC identified the rationale for the reinstated prohibition against secure text messaging for patient care orders as one of patient safety—after “weighing the pros and cons” TJC and the Centers For Medicare and Medicaid Services (CMS) concluded that as the impact of the modality on patient safety remained unclear, and determined that approving its use was premature.

Read more here about how this clarification impacts health care organizations.

Digital Health Solutions are Key to Success under Health Care Payment Innovations

by McDermott Will & Emery, Bernadette M. Broccolo and Lisa Mazur | Dec 20, 2016 | General Interest, Mobile Apps, Telehealth

Digital health—the intersection of health care related software applications, analytical tools, medical device technology and electronic data assets that are enabled and achieved through the use of the internet and hand-held devices—is empowering the innovation needed to meet the imperative for a transition from payment based on volume to payment based on value that is evaluated in terms of measurable improvements in care delivery and population health.

ODI post 2

One prominent example is the use of digital health solutions to implement the payment innovation contemplated by the Medicare Access and CHIP Reauthorization Act (known as MACRA)—which directly ties both payment increases and reductions to various, specific efficiency and value measures. The Merit-Based Incentive Payment System (MIPS), one of the two available payment pathways under MACRA, assigns points to clinicians in different performance categories, several of which promote the adoption of digital health solutions. To illustrate:

The Quality category requires six measures to be reported, many of which may be leveraged through the use of digital health tools. For example, the Maternity Care: Post-Partum Follow-Up and Care Coordination measure tracks the percentage of patients who were seen for post-partum care within eight weeks of giving birth who received particular evaluations, screening and education. Obstetricians, gynecologists and family medicine practitioners could earn points under this measure by using telemedicine technologies, like videoconferencing platform, to engage in virtual patient visits with post-partum patients to answer the patient’s questions, provide education on the recovery process and assess the patient’s physical and mental health status, including the performance of mandatory post-partum depression screenings.
The Advancing Care Information category requires the use of certified electronic health record technology to coordinate care through patient engagement (g., secure messaging). The implementation of patient portals with integrated messaging platforms facilitate communication between the patient and health care practitioner, providing additional functionalities like sending reminders, engaging in dialogue about follow-up care, encouraging preventative action and distributing educational materials. These portals typically also give the patient access to timely and informative data, like test results, that allow the patient to play a role in decision making and (hopefully) empower the well-informed consumption of care.
The Clinical Practice Improvement category is perhaps the best opportunity for digital health integration. Activities that improve beneficiary engagement, population management, expanded practice access and care coordination—among others—are assigned points and weighted. Here, mobile apps have the capability to enable e-visits via videoconference as an alternative method to an in-person visit; facilitate questionnaire reporting; and send reminders, materials and other notifications to alert and educate patients about services due. The apps also provide opportunities to generally inform the delivery of care for the specific patient by sending alerts to providers to indicate that it’s time for a visit or that a problematic symptom was noted on a questionnaire. Further, clinical practices could leverage app-sourced data to gain information about patient trends, clinical areas of concern or successes related to digital health tool utilization.

For [...]

Continue Reading