US Department of Health and Human Services

As previously noted in our Digital Health Mid-Year Review, 2018 has seen greater acceptance of telemedicine within the Medicare program. Both regulatory and statutory changes have expanded reimbursement opportunities and, consequentially, opportunities for the deployment of telemedicine technologies. As we noted then, however, improvement in the Medicare reimbursement environment for telemedicine services has been

As digital health innovation continues to move at light speed, both new and incumbent stakeholders find themselves on a new frontier—one that challenges traditional health care delivery and payment frameworks, in addition to changing the landscape for product research, development and commercialization. Modernization of the existing legal framework has not kept pace with the rate of digital health innovation, leaving no shortage of obstacles, misalignment and ambiguity for those in the wake.

What did we learn in 2017 and what’s to come on the digital health frontier in the year ahead? From advances and investments in artificial intelligence (AI) and machine learning (ML) to the increasingly complex conversion of health care innovation and policy, McDermott’s Digital Health Year in Review details the key developments that shaped digital health in 2017, along with planning considerations and predictions for the health care and life science industries in 2018. 
Continue Reading

President Trump declared the opioid addiction epidemic a public health emergency yesterday. The White House made it clear that this declaration would allow officials to remove barriers to the prescribing of controlled substances via telemedicine, which would permit DEA registered providers to prescribe anti-addiction medications, such as Naloxone, to patients in need without first performing

On July 31, 2017, President Donald Trump’s Commission on Combating Drug Addiction and the Opioid Crisis recommended that he declare the opioid epidemic a national emergency. In August 2017 and again on October 16, 2017, the president indicated he would declare the opioid crisis a national emergency. While it is apparent that the nation is suffering a drug overdose and opioid-specific crisis, the question remains as to what effect such a declaration would have on combatting the crisis.

The president’s powers to declare a national emergency arise from the Stafford Act, and once a national emergency is declared, it enables 1) access to US Department of Homeland Security ‒ Federal Emergency Management Agency (FEMA) funding, with states able to request grants for the specific purposes of treating opioid addiction; 2) the ability to re-appropriate federal agency workers, such as those employed by the agencies under the US Department of Health and Human Services (HHS) umbrella, to specifically research and treat opioid addiction; and 3) waiver of federal Medicaid regulations to provide additional aid to beneficiaries, ensuring sufficient health care items and services are available to meet the needs of beneficiaries. Such a declaration would undoubtedly open up both federal and state governments to formulate a comprehensive, unified strategy to combat the opioid epidemic sweeping the nation.
Continue Reading

On May 31, 2017, the US Department of Justice announced a Settlement Agreement under which eClinicalWorks, a vendor of electronic health record software, agreed to pay $155 million and enter into a five-year Corporate Integrity Agreement to resolve allegations that it caused its customers to submit false claims for Medicare and Medicaid meaningful use payments

The Electronic Health Records (EHR) Incentive Program run by Centers for Medicare and Medicaid Services (CMS) garnered attention again last week following the release of a report by the Office of Inspector General of the US Department of Health and Human Services (OIG) describing inappropriate payments to physicians under the program. The report follows on the heels of a high-profile settlement under the False Claims Act between the US Department of Justice and an EHR vendor related to certified electronic health record technology (CEHRT) used in the EHR Incentive Program (which we’ve previously discussed in-depth).

The OIG reviewed payments to 100 eligible professionals (EPs) who received EHR incentive payments between May 2011 and June 2014 and identified 14 inappropriate payments. OIG extrapolated the results of the review to the 250,470 total EPs who received incentive payments during that time period and estimated that CMS made approximately $729 million in inappropriate EHR incentive payments out of a total of just over $6 billion in such payments during the review period.
Continue Reading

On April 24, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement in the amount of $2.5 million based on the impermissible disclosure of unsecured electronic protected health information (ePHI) by a provider of remote mobile monitoring, with a focus on patients who are at risk for cardiac arrhythmias.

In January 2012, the remote monitoring company reported that a workforce member’s laptop containing the ePHI of over a thousand individuals was stolen from a parked vehicle outside of the employee’s home. A little over one year later, the same company reported a second breach that compromised the ePHI of twice as many individuals (details regarding this breach were not provided by OCR).

OCR’s investigation revealed that the company allegedly had insufficient risk analysis and risk management processes in place at the time of the theft. Additionally, the company’s draft policies and procedures implementing the standards of the HIPAA Security Rule had never been implemented, and the company was also unable to produce final versions of any policies or procedures regarding the implementation of safeguards for ePHI, including those for mobile devices.


Continue Reading

On December 7, 2016, the US Congress approved the 21st Century Cures Act (Cures legislation), which is intended to accelerate the “discovery, development and delivery” of medical therapies by encouraging public and private biomedical research investment, facilitating innovation review and approval processes, and continuing to invest and modernize the delivery of health care. The massive

On July 28, 2016, US Department of Health and Human Services (HHS) issued guidance (guidance) under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and recover from ransomware attacks. Ransomware attacks can also trigger concerns under state data breach notification laws.

The HIPAA Security