Archives: Department of Health and Human Services

Subscribe to Department of Health and Human Services RSS Feed

Digital Health Update: Recent FDA Cyber Initiatives

The Food and Drug Administration (“FDA”) has greatly increased its activity around cybersecurity initiatives and medical devices. As we approach the end of the year, this is a great opportunity to review recent developments. FDA Medical Device Cybersecurity Guidance On October 18, 2018, the FDA published draft guidance, “Content of Premarket Submissions for Management of … Continue Reading

Supreme Court To Decide If HHS May Skip Notice And Comment Requirements For Certain Payment Rules

On September 27, 2018, the U.S. Supreme Court agreed to review a D.C. Circuit Court of Appeals decision that had tossed out a new calculation method, employed by the U.S. Department of Health and Human Services (“HHS”), which had cut Medicare payments to hospitals. Azar v. Allina Health Services (“Allina Health”). HHS itself estimated that … Continue Reading

Unauthorized TV Cameras in Hospitals Yield Costly HIPAA Penalties of $999,000

For the second time in as many years, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into settlement agreements with and levied hefty fines on three hospitals that allegedly impermissibly disclosed patients’ protected health information to ABC News in the course of filming a television network documentary series.  OCR announced … Continue Reading

House Panel Examines 340B Legislative Reforms

On Wednesday, July 11, 2018, House lawmakers again signaled their intent to reform the US Department of Health and Human Services (HHS), Health Resources and Services Administration’s (HRSA) 340B Drug Pricing Program (340B) during an Energy and Commerce (E&C) Subcommittee on Health hearing. Since 2015, both E&C and the Senate Health, Education, Labor, and Pensions … Continue Reading

DC Circuit Rejects HHS Rule Barring Hospital Medicare Appeals Challenging Longstanding Erroneous “Predicate Facts”

On June 29, 2018, the DC Circuit ruled that HHS could not apply in PRRB appeals a 2013 “reopening” regulation, which purports to bar the adjudication of “predicate facts” beyond 3 years after the facts had been determined. St. Francis Medical Center v. Azar (D.C. Cir. June 29, 2018). The court held that the agency’s … Continue Reading

How To Avoid Paying $2,000 A Day To Encrypt ePHI

Let’s hope you don’t pay that much to encrypt electronic Protected Health Information (ePHI). How about a total of $4.3 million over two years? Well, that’s the total penalty for encryption violations assessed by Health and Human Services (HHS). An Administrative Law Judge found the penalty could have been much worse. The facts are sobering. … Continue Reading

Right to Try Investigational Drugs Signed Into Law

Right to Try Investigational Drugs Signed Into Law On May 30, 2018, S. 204, the Trickett Wendler, Frank Mongiello, Jordan McLinn, and Matthew Bellina Right to Try Act of 2017 (Pub. L. No. 115-176, “Right to Try Act”) was signed into law. The Right to Try Act amends the Federal Food, Drug, and Cosmetic Act … Continue Reading

CMS is Accepting Proposals for New Measures for the Medicare Promoting Interoperability Program until June 29

CMS is Accepting Proposals for New Measures for the Medicare Promoting Interoperability Program until June 29 The Centers for Medicare & Medicaid Services (CMS) is seeking the submittal of measure proposals for the Annual Call for Measures for eligible hospitals and critical access hospitals participating in the Medicare Promoting Interoperability (PI) Program (formally known as … Continue Reading

HHS OCR Issues New Research Guidance

As part of its ongoing implementation of the 21st Century Cures Act (Public Law 114-255), the Department of Health and Human Services last month released a number of new HIPAA guidance tools, including additional information about research uses and disclosures.  The research guidance contains helpful tips for covered entities regarding authorizations, revocations, and “reviews preparatory … Continue Reading

House Committee Chairman Asks HHS to Develop Health Care Cyber Risk Plan

Last week, the Chairman on the House of Representatives’ Committee on Energy and Commerce, Greg Walden (R-OR), sent a formal letter to the Dept. of Health and Human Services (“HHS”) requesting that HHS “develop a plan of action for creating, deploying, and leveraging [bill of materials] for health care technologies.” Walden gave HHS until December … Continue Reading

Fundamental Right to be a Federal Healthcare Provider?

Rejecting a contrary holding in the Fourth Circuit, the Sixth Circuit decided a healthcare provider has no “fundamental right to participate in federal health care programs.” Accordingly, the Department of Health and Human Services (HHS) was correct to exclude a pharmacist from federal healthcare programs simply because he was convicted of misdemeanor misbranding.… Continue Reading

HHS Task Force Identifies Critical Cybersecurity Recommendations

The recent WannaCry ransomware attack and the bevy of breaches over the past few years demonstrate that cyber risks in the healthcare arena are substantial and widespread. The Department of Health and Human Services (HHS) Health Care Industry Cybersecurity (HCIC) Task Force Report (HCIC Report), required under the federal Cybersecurity Information Sharing Act of 2015, … Continue Reading

OIG Expands Anti-Kickback Statute and Civil Monetary Penalties Protections

Late last year, the Department of Health and Human Services Office of the Inspector General (OIG) published a final rule (Final Rule) that amends the safe harbors to the federal Anti-Kickback Statute (AKS) by modifying an existing safe harbor, adding new safe harbors and codifying existing statutory provisions that provide further protections from sanctions under the … Continue Reading

MACRA and Medicare Payment Reform: CMS Plans Increased Flexibility on Provider Participation

On Thursday, CMS announced that it intends to allow providers to “pick their pace of participation” for the first compliance year of Medicare’s new payment reform model emphasizing quality patient care.  The start of the first compliance year is January 1, 2017. Thursday’s announcement lays out four options that allow providers more flexibility to comply … Continue Reading

HHS and Cuba’s Ministry of Public Health Sign a Historic MOU

Last month, the U.S. Department of Health and Human Services (HHS) entered into a historic Memorandum of Understanding (MOU) with Cuba’s Ministry of Public Health. The MOU establishes coordination across a broad spectrum of public health issues, including: Healthcare systems and public health management; Quality management and patient safety systems in hospitals and outpatient settings; … Continue Reading

AHA Renews Objections to OIG Hospital Compliance Reviews

In a move that could affect all hospitals reimbursed by Medicare, the American Hospital Association (AHA) this week renewed strenuous objections to various aspects of ongoing hospital compliance reviews conducted by the Department of Health and Human Services (HHS) Office of Inspector General (OIG). AHA’s most recent correspondence references the “numerous legal defects” it had … Continue Reading

House Prevails in Challenge to Administration’s Funding of ACA Cost-Sharing Provision

Yesterday, in a blow to the Obama Administration, the United States District Court for the District of Columbia struck down a key ACA provision designed to reduce insurance costs. Specifically, Section 1402 of the ACA requires insurers participating in the Exchanges to reduce deductibles, coinsurance, copayments, and other means of cost-sharing on qualified health plans. … Continue Reading

CMS Issues Proposed Rule on MACRA Physician Payment Systems

The Centers for Medicare and Medicaid Services (CMS) recently released a proposed rule (the “Proposed Rule”) establishing two physician payment systems introduced by the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA).  These two systems, the Merit-based Incentive Payment System (MIPS) and the Alternative Payment Models (APM), change the way Medicare incorporates quality metrics … Continue Reading

Two-Midnight Rule Update: CMS Proposes to Eliminate .2% Payment Reduction By Increasing FY 2017 IPPS Rates

Today, CMS submitted to the Federal Register (for publication on April 27th) its annual notice of proposed IPPS rates and policy changes for federal fiscal year (“FY”) 2017.  Today’s notice contains a proposal to eliminate permanently the .2% payment reduction that CMS had implemented in FY 2014 to offset a projected net increase in IPPS … Continue Reading

Task Forces in 10 States Target Providers of Services to Elderly

On March 30, 2016, the US Department of Justice (DOJ) announced that healthcare providers who serve the elderly in the following 10 states will have task forces looking over their shoulders: California, Georgia, Kansas, Kentucky, Iowa, Maryland, Ohio, Pennsylvania, Tennessee and Washington. Known as the Elder Justice Task Forces (Task Forces), these partnerships combine the … Continue Reading

Ransomware Scandals Rock Hospital Systems; HHS’ Proposed Rule May Help

Hospital systems are on notice for ransomware attacking their health IT systems after three hospital systems are reported to be victims of computer viruses.   In response, one hospital system paid almost $17,000 in Bitcoin to retrieve their EHR, while the other two hospital systems worked off paper records and backup systems for a few days … Continue Reading

CMS Creates Standardized Plans for Health Insurance Exchanges

On February 29th, CMS published its final rule regarding the 2017 benefit and payment parameters for the Federally-facilitated health insurance exchanges.  As part of the final rule, CMS creates standardized health care plans that insurers can offer on the exchanges. CMS created the standardized plans in order to simplify health insurance shopping for consumers.  According … Continue Reading

Malicious Malware Brings On a Major HIPAA Headache

The United States Department of Health and Human Services (HHS) recently entered into a $750,000 resolution agreement with the University of Washington (UW) following an investigation.  The investigation was prompted by UW reporting a breach of about 90,000 people’s personal health information (PHI) after an employee unknowingly downloaded malicious malware from an email attachment. Similar … Continue Reading
LexBlog