The Biden administration recently proposed revising the process behind an outlet for pharmaceutical companies to resolve price fights for those participating in the 340B drug discount program. According to this Bloomberg article, disputes between providers and pharmaceutical companies were in limbo as the industry waited for the Biden administration to replace an administrative dispute resolution (ADR) board. McDermott Partner Emily J. Cook said the proposed US Department of Health and Human Services rule ushers in “some significant changes” from the prior ADR process.
On December 1, 2022, the Pandemic Response Accountability Committee (PRAC) Health Care Subgroup issued its report on fraud, waste and abuse risks that arose as a result of the dramatic increase in telehealth services provided during the COVID-19 pandemic. The PRAC was created under the CARES Act to oversee the historic spending that was part of the federal government’s response to the COVID-19 pandemic. The PRAC Health Care Subgroup comprises the offices of the inspector general (OIGs) for six federal agencies:
- The US Department of Health and Human Services (HHS)
- The US Department of Defense (DoD)
- The Office of Personnel Management (OPM)
- The US Department of Veterans Affairs (VA)
- The US Department of Labor (DOL)
- The US Department of Justice (DOJ).
Each OIG oversees an agency that administers a federal program connected to using or paying for telehealth services.
The report highlights the increased access to services that telehealth facilitated during the pandemic and notes key focus areas with respect to program integrity and preventing fraud and abuse. The report is a resource intended to be used by stakeholders across the healthcare industry, including congressional lawmakers, federal and state agencies, and healthcare organizations. The report aims to raise awareness of the importance of safeguarding expanded telehealth services against fraud, waste and abuse.
CMS Seeks Provider and Stakeholder Feedback on First National Directory of Healthcare Providers and Services
CMS is soliciting feedback on the creation of the first national directory of healthcare providers and services (NDH), which would contain information on healthcare providers and services across the country. CMS states that the NDH would improve and support interoperability throughout the healthcare sector for payers and providers while making it easier for patients to identify, compare and locate providers who meet their specific needs and preferences, such as those related to office accessibility, languages spoken or other data. CMS proposes that consolidating provider data into a single source would ultimately reduce the unnecessary burden placed on providers to maintain dozens of separate directories while improving access to care. The new system would be used in place of commercial payor directories and allow payers to update their own directories seamlessly from a single directory. CMS is proposing integrating the NDH with current CMS-maintained systems (i.e., NPPES, PECOS and Care Compare).
On December 23, 2022, US Congress approved a year-end omnibus legislative package, Consolidated Appropriations Act, 2023 (CAA 2023), which consists of all 12 fiscal year 2023 appropriations bills and numerous other provisions, including health policy changes. The healthcare provisions in this omnibus package extend key Medicare telehealth flexibilities and the temporary telehealth safe harbor for High Deductible Health Plans (HDHP) first-dollar coverage.
The passing of the omnibus package presents a victory for industry advocates that have sought to extend the COVID-19 Medicare flexibilities and the HDHP safe harbor. The Medicare provisions will continue the flexibilities for providers and, coupled with the HDHP safe harbor, will enable beneficiaries to access expanded healthcare options through telehealth services. However, as the COVID-19 flexibilities and HDHP safe harbor are extended on a temporary basis through December 31, 2024, stakeholders will need to continue to engage with Congress on a more permanent solution.
On September 26, the US Government Accountability Office (GAO) released a report titled “Medicare Telehealth: Actions Needed to Strengthen Oversight and Help Providers Educate Patients on Privacy and Security Risks.” The 75-page report describes the utilization of Medicare telehealth services under current pandemic-related waivers, the Centers for Medicare & Medicaid Services (CMS) efforts to identify and monitor risks posed by the current waivers, and a change made by the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) to the enforcement of regulations governing patients’ protected health information during the COVID-19 public health emergency (PHE).
GAO made four recommendations—three directed to CMS and one directed to OCR—aimed at remedying the issues set forth in the report:
- CMS should develop an additional billing modifier or clarify its guidance regarding billing of audio-only office visits to allow the agency to fully track these visits.
- CMS should require providers to use available site of service codes to indicate when Medicare telehealth services are delivered to beneficiaries in their homes.
- CMS should comprehensively assess the quality of Medicare services, including audio-only services, delivered using telehealth during the PHE.
- OCR should provide additional education, outreach or other assistance to providers to help them explain the privacy and security risks to patients in plain language when using video telehealth platforms to provide telehealth services.
Among its utilization findings, the GAO report found that the use of telehealth services increased from about five million services pre-waiver (April to December 2019) to more than 53 million services post-waiver (April to December 2020) and that, post-waiver, 5% of providers delivered more than 40% of telehealth services, and 5% of beneficiaries accounted for almost 40% of telehealth utilization.
The report noted that CMS lacks complete data on the use of audio-only technology and telehealth visits furnished in patients’ homes, because there is no billing mechanism for providers to identify all instances of audio-only visits, and because providers are not required to use available codes to identify visits furnished in homes. The GAO report also noted that OCR did not advise providers about specific language to use or give direction on explaining risks to patients, with respect to OCR’s March 2020 policy that it would not impose penalties against providers for noncompliance with privacy and security requirements in connection with the good faith provision of telehealth during the PHE.
This GAO report comes on the heels of a recent report from the HHS Office of Inspector General that found little evidence of waste and fraud related to Medicare telehealth services during the first year of the pandemic. These reports are part of a broader push by Congress and the Biden administration to examine current telehealth flexibilities and determine how to extend them beyond the COVID-19 PHE.
After almost a year of negotiations among congressional Democrats and the White House, the Inflation Reduction Act of 2022 (IRA) was signed into law by President Biden on August 16, 2022. It passed in the US Senate by a vote of 50–50, with the vice president breaking the tie, on August 7, 2022. The bill passed the US House of Representatives August 12, 2022, by a party-line vote of 220-207. This McDermott+Consulting article summarizes the key healthcare provisions of the IRA, including prescription drug reform, inflationary rebates, a cap on insulin costs, a Medicare Part D benefit redesign and a new pharmacy benefit manager rebate rule.
The US Supreme Court’s recent decision to overturn Roe v. Wade in Dobbs v. Jackson Women’s Health Organization has raised many questions about potential efforts by law enforcement agencies to obtain data from healthcare and other service providers to detect the performance of a possibly unlawful abortion. For example, data collected by period-tracking apps, patients’ self-reported symptoms, or diagnostic-testing results might be used to establish the timeframe in which an individual became pregnant, and then demonstrate that a pregnancy was terminated, as part of investigative or enforcement efforts against individuals or organizations allegedly involved in such termination.
On June 29, 2022, the office within the US Department of Health and Human Services (HHS) that is responsible for enforcing the Health Insurance Portability and Accountability Act (HIPAA), the Office for Civil Rights (OCR), issued guidance addressing how HIPAA limits disclosures by covered entities and business associates to law enforcement agencies in the absence of a court order or other legal mandate. The guidance provides helpful insight on how OCR may use HIPAA enforcement to discourage unauthorized disclosures of protected health information (PHI) to law enforcement officials in the wake of new state laws outlawing abortion. The guidance also implicitly confirms, however, that HIPAA does not provide a complete shield against law enforcement and litigation-driven requests for abortion-related information.
The US House of Representatives approved a bipartisan bill that would extend Medicare telehealth flexibilities through the end of 2024; immediate US Senate action on the bill is unlikely, however.
On July 27, 2022, the US House of Representatives approved the Advancing Telehealth Beyond COVID-19 Act (H.R. 4040) by a wide bipartisan margin of 416–12. This bill would extend Medicare telehealth flexibilities through the end of 2024, including geographic and originating site flexibilities, expanded eligible practitioners, reimbursement for federally qualified health centers and rural health clinics, delay of the in-person telemental health requirement, continued use of audio-only telehealth and flexibility to use telehealth to satisfy Medicare face-to-face requirements.
Immediate US Senate action on H.R. 4040 is not likely, as the Senate is working on other priorities heading into the August recess. In addition, given the limited number of legislative days on the calendar before the midterm elections, additional action on telehealth extensions is more likely to occur during Congress’s lame-duck session at the end of the year. These same provisions were extended for 151 days beyond the end of the public health emergency (PHE) through the enactment of the Consolidated Appropriations Act of 2022, making it less urgent for Congress to act on an extension before the end of the year—although this bill has significantly increased chances of Congress doing so.
The COVID-19 pandemic has ushered in significant changes to the healthcare industry, specifically the transition from a fee-for-service model to a value-based care model, and digital health has proved to be a driver of value-based care models. In this Westlaw Today article, McDermott Partners Marshall E. Jackson, Jr. and Jeremy Earl suggest that increased use of telehealth during the pandemic may lead to an increase in the adoption of value-based care models that reward providers for efficiency and effectiveness.
As the world emerges from the COVID-19 pandemic, healthcare fraud enforcement remains a top priority for the US Department of Justice (DOJ) and other government agencies with enforcement authority. In this Westlaw Today article, McDermott Partners Laura McLane, Tony Maida and Dana M. McSherry describe some of the areas that have assumed particularly high enforcement priority, including private equity, telehealth and pandemic relief funds.