On December 27, 2013, the Centers for Medicare and Medicaid Services (“CMS”) and the Office of Inspector General of the Department of Health and Human Services (“OIG”) published final rules (“Final Rules”) regarding the electronic health records (“EHR”) donations Stark Law Exception (42 C.F.R. 411.357(w)) and Anti-Kickback Statute Safe Harbor (“AKS Safe Harbor”) (42 C.F.R. 1001.952(y)). The Final Rules amend rules CMS and OIG promulgated in 2006 (“2006 Rules”).
The Prior Stark Law Exception and AKS Safe Harbor
The Stark Law Exception and AKS Safe Harbor promulgated pursuant to the 2006 Rules were set forth to incentivize the use of EHR technology by diminishing the cost of implementing and operating such technology. The 2006 Rules required that donated EHR contain electronic prescribing technology and for the system to be “interoperable” – used to communicate with other software or systems. In addition, the 2006 Rules prohibited donors from limiting the use of the EHR or conditioning EHR donations on conducting business with the donor, required that donations be set forth in a written agreement, and forbade use of the technology for reasons unrelated to medical practice. The 2006 Rules required EHR donees to pay a percentage (15%) of the cost of items and services provided.
Changes Promulgated in the Final Rules
The Final Rules make five key modifications to the 2006 Stark Law Exception and AKS Safe Harbor:
|• The Final Rules update provisions under which EHR software is deemed interoperable by:|
|◦||providing that the Office of the National Coordinator for Health Information Technology (“ONC”), not the HHS Secretary, be responsible for authorizing the certifying bodies|
|◦||eliminating the 12-month certification requirement and allowing certification according to any then-approved edition of the electronic health record certification criteria of 45 C.F.R. part 170;|
|• The Final Rules remove the electronic prescribing capability requirement;|
|•||The Final Rules extend the sunset provision until December 31, 2021, which corresponds to the final year of the Medicaid Meaningful Use incentive payments;|
|• The Final Rules limit the scope of protected donors to exclude laboratory companies|
|◦ effective March 27, 2014; and|
|•||The Final Rules clarify the condition that prohibits a donor from taking any action to limit or restrict the use, compatibility, or interoperability of the donated items or services.|
New EHR Software Interoperability Certification Criteria
OIG and CMS clarified the definition of “interoperability” in an attempt to reduce risk of fraud and abuse. The Final Rules require that EHR technology be deemed interoperable if it has been certified, prior to donation, by a certification body that is authorized by the ONC in accordance to any edition of the EHR certification criteria identified in the then-applicable 45 C.F.R. part 170. This would include the definition of “Certified EHR” found in the HITECH Act. For example, in 2013, the HITECH Act’s definition of “Certified EHR” allowed certification according to the 2014 or 2011 editions of the EHR certification requirement. In 2014, the HITECH Act will allow certification by the 2014 edition only.
Prohibition of Donor-Set Limitations or Restrictions on EHR Usage
To curb the risk of abusive practices emanating from EHR donations, such as data referral “lock-in” between donor and the referral source, the Final Rules advance the free exchange of data. The Final rules clarify that neither a donor “nor any person on the donor’s behalf may take any action to limit or restrict the use, compatibility or interoperability of the donated items or services with other electronic prescribing or other EHR systems, including but not limited to health information technology applications, products or services.” Accordingly, neither donor nor recipients may limit interoperability and donated EHR must be interoperable with other EHR systems, health information exchanges, and other forms of technology.
Careful Navigation Required
Arrangements utilizing the Stark Exception or AKS Safe Harbor for EHR donations require careful review and structuring by experienced counsel. To avoid government enforcement actions and liability stemming from noncompliance, EHR donors and recipients should contact experienced counsel for detailed opinions on proper compliance.