state law Archives - OF DIGITAL INTEREST

state law

Florida’s Extension of its COVID-19 Out-of-State Provider Waiver: A Sign of the Times

by Adam J. Rogers, Dale C. Van Demark and Danielle N. Scheer | Apr 17, 2020 | General Interest, Telehealth

Background: Issuing Florida’s Emergency Order

On March 16, 2020, Florida Surgeon General Dr. Scott Rivkees signed, stamped and finalized Emergency Order 20-002. In doing so, Florida joined what would become the vast majority of states in modifying licensure requirements for physicians in response to the Coronavirus (COVID-19) emergency.

The surgeon general’s order waived licensing requirements for out-of-state healthcare professionals, advanced life support professionals and basic life support professionals so that they could render services in Florida for the purposes of preparing for, responding to and mitigating any effect of COVID-19. In addition to waiving licensing requirements for in-person services, the order exempted out-of-state physicians, osteopathic physicians, physician assistants and advanced practice registered nurses from licensing requirements governing the provision of telehealth. The order also impacted emergency medical services training programs, physical examination requirements for physician certifications, prescription drug distribution and controlled substance prescription renewals (including medical marijuana). The order was to expire 30 days after signing—April 15, 2020.

(more…)

Avoiding Confusion Over State Licensing Laws as CMS Further Loosens Telemedicine Restrictions

by Dale C. Van Demark, Dawn R. Helak, Lisa Mazur and Rachel Stauffer | Apr 10, 2020 | Telehealth

The Centers for Medicare & Medicaid Services (CMS) continues to loosen the conditions for participation in Medicare, as well as specific reimbursement requirements, to ensure facilities and practitioners are able to practice at the top of their license and across state lines without jeopardizing Medicare reimbursement. Unfortunately, as demonstrated when CMS took similar actions over the past few weeks in response to the Coronavirus (COVID-19) pandemic, headlines tend to overlook one fundamental component of the applicable regulatory regime: state law requirements.

Unlike the Veterans Affairs Administration’s (VA’s) action a few years ago, which preempted state licensing law for purposes of implementing a VA telemedicine program, the Department of Health and Human Services has limited its actions during the COVID-19 pandemic to modifications of federal regulations and rules. Secretary Alex Azar, in a letter to the Governors, instead encouraged the states to take action themselves to similarly loosen state laws to ensure maximum utilization of resources. The states have been doing so, in some instances since early March, with different approaches. These differences stem from a large number of variables that are implicated by state licensure laws.

Key Takeaways: The practical implication for the provider community is that new standards for Medicare need to be adopted in harmony with existing state laws requirements, which, unfortunately, are not uniform across the country. Nevertheless, nearly every state has taken action to loosen cross-border licensing restrictions for healthcare professionals and have modified other rules and regulations to help protect healthcare workers, maximize their numbers and help them practice at the highest level of their experience and training. There is a national movement in this direction, but it remains a patchwork.

For a deeper dive into telemedicine regulations during the COVID-19 pandemic, visit our Coronavirus Resource Center, which features articles, webinar recordings and videos on the telemedicine issues you need to know.

Washington State Takes the Lead in CCPA Copycat Legislation Race, Trends Emerge

by Mark E. Schreiber and McDermott Will & Emery | Mar 6, 2020 | Consumer Protection, Data Privacy

Since the California Consumer Privacy Act (CCPA) took effect on January 1, 2020, “copycat” legislation has been introduced at a dizzying pace by state legislatures across the country. Taking their cues from CCPA, at last count 16 states have borrowed language from California’s watershed law regarding consumer notices, data subject rights requests, and definitions of “personal information, “sale” of data and other key items. The likely intent is to provide equal (or, in some cases, greater) protections to the residents of their states.

As a practical matter, however, none of the proposed laws is identical to CCPA (nor to each other); some look to the EU General Data Protection Regulation (GDPR), and each takes a complex approach that requires careful reading. The proposed Washington Privacy Act (SB 6281) has been touted as the most comprehensive data protection law in the United States and combines elements of CCPA and GDPR, adding specific protections for biometric information. Late last week, the Washington House added significant enforcement “teeth” by passing an amendment that would provide a private right of action under the Washington Consumer Protection Act for any violation of the Privacy Act.

Despite the lack of uniformity among the recently proposed bills across the country, three key trends are emerging:

Trend #1 – Increased Push for a Private Right of Action

In Washington, pending legislation would extend the private right of action beyond alleged harm arising from data breaches to any violation of the proposed Washington Privacy Act. While prior versions of the legislation vested exclusive enforcement authority in the Washington Attorney General—with penalties up to $7,500 per violation—late last week, the Innovation, Technology and Economic Development Committee in the Washington House approved an amendment to SB 6281 under which any violation of the Privacy Act would be deemed a per se violation of Washington’s Consumer Protection Act. While it is unclear exactly how damages will ultimately be calculated, a broad private right of action is a significant enforcement mechanism for Washington consumers. Supporters of the amendment argued that without a private right of action, companies would have little incentive to comply with the law because the Attorney General’s office lacks the resources to undertake many enforcement actions.

Recent bills propose legislation that closely tracks the CCPA’s private right of action for individuals who allege that they were harmed by data breaches caused by a business’ failure to implement “reasonable security” measures. Both the Illinois Data Transparency and Privacy Act (SB 2330) and New Hampshire’s proposed privacy law, HB 1680, provide consumers with private right of action where personal information is (i) unencrypted and unredacted; and (ii) subject to exfiltration, theft or disclosure due to failure to implement reasonable data security procedures. Consumers may seek damages the greater of $100 – $750 per consumer, per incident or actual damages.

If Washington or other states enact data privacy laws with such provisions, the potential liability for organizations affected by data breaches or failing to comply with sweeping new privacy obligations could rapidly become [...]

Continue Reading

Telemedicine Collaborations and Partnerships: Key Considerations for Success

by Lisa Mazur | Aug 30, 2019 | Telehealth

Telemedicine collaborations, whether between technology companies and providers, health systems and patients, or other creative partnerships we have yet to see in the industry, can present numerous benefits to our healthcare delivery system and patient outcomes. However, such collaborations present a variety of regulatory, logistical and operational concerns that should be strategically addressed from the ideation stage of the collaboration onward.

Early-Stage Considerations

The strategy behind the collaboration should be developed with an eye towards the duration of the relationship and the development of mutually beneficial goals and objectives that are clear and measurable. Each party should be transparent about their capabilities and strategic vision at the outset of the collaboration talks to avoid any surprises or disappointments deeper in the future. Questions for potential collaboration partners include:

Is this an experimental partnership or a long-term plan?
What do I bring to the table? How can this partner supplement or support my capabilities?
How will this relationship be branded and marketed? Do I need greater visibility than my partner, or will we come together under a new brand?
Do we have the IT infrastructure and vendor relationships in place to execute this collaboration? If not, how will secure what we need?
Do we have the resources to meet the regulatory requirements of the partnership?
How will we measure the success or failure of the collaboration?

Considerations in the RFP Stage

After the initial strategy discussions have taken place, the proposal period raises its own series of considerations. After ensuring that the arrangement proposed can address the goals and objectives of the collaboration, regulatory and transactional issues take center stage. Rights and responsibilities of each party, reporting and compliance mechanisms, fees, credentialing, licensing and privacy compliance and liability issues, to name a few concerns, are addressed at this point in the process. Fees structures and compliance with the evolving federal and state laws regulating telemedicine providers are particularly complex issues that should be addressed at this point.

Questions to address regarding fees include:

(more…)

CMS Innovation Center Proposes Telehealth Solutions in ET3 Model

by Lisa Mazur | Jun 27, 2019 | Telehealth

As part of its efforts to provide patient-centered care and reduce costs for Medicare beneficiaries, the Centers for Medicare and Medicaid (CMS) have developed an Innovation Center model for ambulance care teams: Emergency Triage, Treat, and Transport (ET3). As part of this model, the agency has proposed two potential telehealth offerings: 1) An individual who calls 911 may be connected to a dispatch system that has incorporated a medical triage line to be screened for eligibility for medical triage services prior to ambulance initiation, and 2) telehealth assistance via audiovisual communications technologies with a qualified provider once the ambulance arrives.

Key participants in the ET3 model will be Medicare-enrolled ambulance service suppliers and hospital-owned ambulance providers. In addition, to advance regional alignment, local governments, their designees or other entities that operate or have authority over one or more 911 dispatches in geographic areas where ambulance suppliers and providers have been selected to participate in the ET3 model will have an opportunity to access cooperative agreement funding. As such, both state regulations and CMS regulations will apply to the use of telehealth offerings under ET3. This post explores early-stage questions of ET3 implementation and reimbursement, the intersection of state laws governing telehealth, and what potential participants and telehealth companies should know about the program.

How will CMS support the ET3 model implementation?

The key telehealth development for the ET3 program is that CMS expects to waive the telehealth geographic and originating site rules as necessary to implement the model, including waivers that will allow participants to facilitate telehealth at the scene of a 911 response. Additional information on these waivers is expected to accompany the ET3 Request for Applications (RFA), slated for release this summer. Overall, Medicare coverage requirements provide that the patient must be in an approved originating site at the time of the telehealth visit (e.g., hospital) and must be located within a rural area. CMS has waived these two requirements for other programs, such as the SUPPORT for Patients and Communities Act (the SUPPORT Act) in October 2018, which eliminated the originating site restriction for substance use disorder treatment, because doing so is necessary for these programs to succeed.

(more…)