District Court Strikes Down FDA’s LDT Rule, Opens the Door for Challenges to FDA’s Regulation of Other “Services” as Medical Devices

By Keith Bradley, Delia Deschaine and Samuel Ballingrud on April 11, 2025 Posted in FDA, Regulations

On Monday, March 31, a court in the Eastern District of Texas found unlawful and vacated the Food and Drug Administration’s 2024 Rule regulating as “devices” under the Food, Drug, and Cosmetic Act (“FDCA”), certain laboratory-developed test (“LDTs”) used to diagnose, monitor, or determine treatment for diseases and conditions. The decision, American Clinical Laboratory Assoc. v. FDA, No. 4:24-CV-479-SDJ, 2025 WL 964238 (E.D. Tex. Mar. 31, 2025), marks another application of the Supreme Court’s recent Loper Bright decision rejecting the longstanding Chevron principle of deference to agency statutory interpretation. Loper Bright continues to fundamentally rework the legal framework for challenging agency actions.

LDTs are familiar products which underlie an enormous amount of modern medical care and range from the prosaic to the profound. Anyone who has ever had bloodwork done during an annual checkup has been a part of this well-known process: a doctor orders a specimen to be taken—here, blood—which is drawn from the patient and sent off to a laboratory for analysis to report quantitative measurements such as blood type which are in turn reported to the ordering physician to inform patient care. Other LDTs are much more specialized; Human Leukocyte Antigen (“HLA”) tests are necessary components of emergency, life-saving care which involves a rapid histocompatibility test as part of organ, stem cell, and tissue transplantation.

LDTs have long been regulated by the Center for Medicare and Medicaid Services under the 1967 Clinical Laboratories Improvement Act. CMS has issued extensive regulations to regulate LDTs under this authority, for example, regulating HLA testing by requiring use of the World Health Organization (WHO) Nomenclature Committee for Factors of the HLA System for laboratories performing such tests. 42 C.F.R. § 493.1278(b)(1). For years, FDA has claimed the authority to regulate LDTs but purported to exercise its discretion to decline to do so. E.g., 62 Fed. Reg. 62,243, 62,249 (Nov. 21, 1997) (stating position but not invoking the authority). But in 2024, given the dramatic increase in quantity and importance of LDTs to modern medicine, FDA issued the Rule to phase out what it terms its prior “enforcement discretion” of non-regulation. This was, effectively, a dramatic expansion of FDA’s regulatory authority given how ubiquitous LDTs are; FDA estimated tens of billions of dollars of anticipated costs (and benefits).

The Trump Administration Proposes Changes to Regulations Governing Insurance Subject to the Affordable Care Act

By Doug Anderson and Jonathan Abele on March 26, 2025 Posted in ACA, Insurance, Proposed Rule

In its first major attempt to reform the Affordability Care Act (“ACA”), the Trump Administration issued a proposed rule on March 10, 2025 (“Proposed Rule”) amending regulations governing insurance coverages subject to the ACA.[1] Public comments on the Proposed Rule will be accepted for consideration until April 11, 2025.

In conjunction with the Proposed Rule, the Centers for Medicare & Medicaid Services (“CMS”) issued a statement explaining that the proposed regulations include “critical and necessary steps to protect people from being enrolled in Marketplace coverage without their knowledge or consent, promote stable and affordable health insurance markets, and ensure taxpayer dollars fund financial assistance only for the people the ACA set out to support.” To support its position, CMS cited a report from the Paragon Health Institute suggesting “4 to 5 million people were improperly enrolled in subsidized ACA coverage in 2024, costing federal taxpayers up to $20 billion.” The impact analysis that accompanies the Proposed Rule shows that the Proposed Rule will reduce enrollment in the ACA plans, reduce the number of people who access premium tax credits and cost-sharing reductions that make coverage more affordable, and limit benefits available to individuals including, specifically, coverage for services related to a sex-trait modification as an essential health benefit.

Firm Launches US Executive Actions Monitor

By Squire Patton Boggs on March 21, 2025 Posted in Executive Actions

Squire Patton Boggs has launched its US Executive Actions Monitor, a site dedicated to tracking executive actions issued by President Donald Trump since taking office.

We offer an overview of all executive orders, providing summaries and analysis of their potential impacts, covering issues from economic and foreign policy to government reform and taxation. Our lawyers and policy professionals will continue to analyze Trump’s executive actions, providing ongoing updates as some of the directed actions may present significant constitutional questions that could be litigated and subsequently overturned or blocked.

As one of the world’s strongest integrated law firms, providing insight at the point where law, business and government meet, our analysis is guided by the skills and resources of both our public policy team and lawyers. This combined legal and policy perspective guides our analysis of Trump’s actions and how they will impact the shape of our nation and the world. You can read more on our Capital Thinking Blog, available here.

HHS Publishes Notice of Proposed Rulemaking to Amend HIPAA Security Rule Requirements—Comments Due March 7, 2025

By Gicel Tomimbang, John Wyand and Julia Jacobson on February 6, 2025 Posted in Cybersecurity, Data Protection, HIPAA, Privacy, Proposed Rule

Summary

On December 27, 2024, the U.S. Department of Health and Human Services, Office for Civil Rights (“HHS”) published its Notice of Proposed Rulemaking (“NPRM”) titled HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected Health Information. HHS seeks comments on proposed modifications to the Security Standards for the Protection of Electronic Protected Health Information comprising 45 C.F.R. Parts 160 and 164, Subpart C, commonly known as the “Security Rule”, to address modern breach and cybersecurity risks to electronic protected health information (“ePHI”)[1] and common deficiencies observed by HHS in Security Rule compliance investigations, and to incorporate current industry best practices[2] and court decisions affecting enforcement of the Security Rule[3].[4] As summarized below, the proposed modifications signal HHS’s commitment to aligning the Security Rule requirements with current cybersecurity standards and addressing areas of non-compliance with more prescriptive measures to enhance ePHI security in the face of evolving cyber threats and technological advancements. HHS invites interested parties to submit comments by March 7, 2025.

Two weeks after the NPRM was published in the Federal Register, President Trump issued an Executive Order requiring a “Regulatory Freeze Pending Review.” The regulatory freeze makes the fate of the proposed Security Rule amendments unclear. If the proposed Security Rule amendments proceed unchanged, regulated entities and health plan sponsors could incur significant combined costs, which HHS estimates at approximately $9.3 billion in the first year of implementation.[5]

Are You Ready? Deadline to Comply with HIPAA Requirements for Reproductive Health Care PHI December 23, 2024

By John Wyand and Gicel Tomimbang on October 28, 2024 Posted in HIPAA, Privacy, Regulations

In response to the shifting legal landscape around reproductive health care, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) finalized amendments to the HIPAA Privacy Rule to strengthen privacy protections for highly sensitive protected health information (PHI) related (or potentially related) to reproductive health care. OCR announced the final rule on the HIPAA Privacy Rule to Support Reproductive Health Care Privacy (Final Rule) on April 22, 2024, which became effective on June 25, 2024. The privacy limitations outlined in this post directly apply to all “Regulated Entities,” meaning that both covered entities and business associates must comply with the HIPAA requirements for PHI pertaining to reproductive health care set forth in the Final Rule.[1] Regulated Entities must comply with most of the Final Rule’s requirements by December 23, 2024. The deadline to comply with requirements pertaining to relevant updates to regulated entities’ Notice of Privacy Practices is February 16, 2026.

Mental Health Parity and Addiction Equity Act Final Rules (“Final Rules”) Are Released: Plans and Issuers Must Prepare for January 1, 2025 Effective Date (US)

By Kristine Woliver, Ima Nsien and Gabrielle Martin on October 21, 2024 Posted in HHS, Insurance, Labor and Employment, Regulations

The long-awaited Final Rules amending the Mental Health Parity and Addiction Equity Act (“MHPAEA”) were released on September 9, 2024, with the bulk of the requirements going into effect on January 1, 2025. As we previously reported here, in August 2023, the Departments of Labor, Health and Human Services (“HHS”) and Treasury (together, the “Departments”) published proposed rules further regulating insurance coverage for treatment for mental health and substance use disorders. Although the Final Rules appear less burdensome than the proposed rules, they do impose significant changes to the obligations of group health plans and health insurance issuers with a short time to achieve compliance. The key provisions are summarized below.

Key Changes in the Final Rules

The Final Rules’ stated intent is to “strengthen consumer protections consistent with MHPAEA’s fundamental purpose,” which includes reducing burdens on access to benefits for individuals in group health plans or with group or individual health insurance coverage seeking treatment for mental health and substance use disorders (“MH/SUD”) as compared to accessing benefits for the treatment of medical/surgical (“M/S”) conditions.

The Final Rules purport to achieve that goal through four key changes to the MHPAEA:

Mandating content requirements for performing a comparative analysis of the design and application of each non-quantitative treatment limitation (“NQTL”) applicable to MH/SUD benefits.
Setting forth design and application requirements and relevant data evaluation requirements to ensure compliance with NQTL rules.
Increasing scrutiny of network adequacy for MH/SUD benefits.
Introducing core treatment coverage requirements to the meaningful benefit standard.

Texas Attorney General Settles with Healthcare AI Firm Over False Claims on Product Accuracy and Safety

By Squire Patton Boggs on September 30, 2024 Posted in Artificial Intelligence, Digital Health

The Office of the Attorney General of Texas (“OAG”) announced a “first-of-its-kind healthcare generative AI” settlement with Pieces Technology, Inc. (“Pieces”). The settlement related to the Texas OAG allegations that Piece’s advertising and marketing claims about the accuracy of its generative artificial intelligence (GenAI) products in violation of the Texas Deceptive Trade Practices – Consumer Protection Act (“DTPA”), Tex. Bus. & Com. Code Ann. § 17.58. The Texas OAG states in its press release that the Piece’s investigation is a “First-of-its-Kind Healthcare Generative AI Investigation.” Squire Patton Boggs attorneys Julia Jacobson and Gicel Tomimbang discuss the OAG’s action and settlement on our Privacy World Blog, which you can read here.

Stark Law & Mailing Physician-Dispensed Prescriptions: From COVID-19 Waivers to Federal Legislative Action

By Michele Munk on September 27, 2024 Posted in Legislation, Stark Law

In August 2024, a federal district court dismissed a lawsuit filed by the Community Oncology Alliance (“COA”), holding that the “in-office ancillary services” exception to the Stark Law does not permit physicians to dispense medications through the physician’s office and then mail prescriptions to the patient’s home. COA v. Becerra, Case No. 23-cv-2168, Doc. 40, United States District Court for the District of Columbia (Aug. 30, 2024).

COA sued the Secretary of Health and Human Services (the “Secretary”) and CMS challenging the policies presented under certain of CMS’s Stark Law “Frequently Asked Questions” (“FAQs”) as violating the Medicare Act and Administrative Procedure Act. COA alleged that prior to the COVID-19 pandemic, the regulations regarding the “in-office ancillary services” exception permitted mailing prescription drugs to patients. In September 2021 and May 2023, CMS published FAQs taking the position that the “in-office ancillary services” exception does not apply when a patient receives an item outside the physician’s office, including prescriptions delivered by mail, as the prescription would not be dispensed to the patient in the physician’s office. COA argued the FAQs violated the Administrative Procedure Act by not following required rule-making procedures. COA also alleged that if physicians are prohibited from mailing prescriptions to patients such regulation would violate the Tenth Amendment of the U.S. Constitution by preventing states from regulating how physicians may dispense cancer drugs to patients.

The Changing Labor Landscape for Healthcare Employers

By Will Kishman on September 18, 2024 Posted in FTC, Labor and Employment, NLRB

In 2024, healthcare employers have faced several new challenges and developments regarding traditional labor obligations. Unions are becoming more prominent in healthcare, including by unionizing doctors at unprecedented rates and by becoming more involved in government-funded projects. At the same time, federal agencies are imposing significant new labor obligations on healthcare employers, regardless of whether or not they have unions representing their employees. While the Federal Trade Commission’s non-compete rule has garnered major attention (as we discussed further here and here), the National Labor Relations Board has its own new positions on restrictive covenants which arguably impact healthcare employers even more than the FTC rule.

These issues are covered further below. For those interested in more detail, Squire Patton Boggs’ Healthcare Industry Group and Labor and Employment Practice Group will be discussing these developments at two upcoming webinars in October. Those interested in a healthcare-focused employment law update should join us on October 22 for our webinar entitled Emerging Issues in the Healthcare Industry: What Healthcare Employers Need to Know by clicking this registration link. Those interested in more detail specifically about labor law and labor union developments should attend our webinar on October 8 entitled Labor Law’s New Landscape: How Another Year of Groundbreaking Changes Will Affect Non-Union and Unionized Employers at this registration link.

FTC Non-Compete Ban Set Aside Nationwide

By Squire Patton Boggs on August 30, 2024 Posted in Antitrust, FTC, Labor and Employment

On August 20, 2024, a Texas federal judge permanently barred the implementation of a controversial Federal Trade Commission (FTC) regulation that would have invalidated tens of millions of existing non-compete agreements and precluded the adoption of new covenants. We discussed the FTC’s non-compete regulation earlier this year. The decision comes as a relief to employers that feared the FTC’s regulation would have made it nearly impossible to prevent unfair competition and protect employers’ investment in its employees and against the misappropriation of confidential and proprietary information. Squire Patton Boggs attorney Laura Lawless discusses the decision and its implications on our Employment Law Worldview Blog, which you can read here.