Federal Appellate Court Tosses Out HIPAA Penalty for Healthcare Data Breaches, Criticizes OCR

In a dramatic rebuttal of how the Department of Health and Human Services Office of Civil Rights’ (“OCR”) has historically enforced HIPAA with potential far-ranging consequences, the Fifth Circuit Court of Appeals recently handed down a landmark decision criticizing and restricting how OCR interprets HIPAA and OCR’s penalty authority.  OCR brought an enforcement action against the University of Texas M.D. Anderson Cancer Center (“M.D. Anderson”) stemming from three separate alleged data breaches and violations of various HIPAA requirements. OCR imposed a US$4,348,000 penalty, which M.D. Anderson appealed.  The case eventually reached the Fifth Circuit Court of Appeals.  In rejecting the penalty, the Court criticized not only OCR’s interpretation of the HIPAA regulations generally but also OCR’s penalty calculation in this case.  Our report on the decision prepared by Elliot GoldingKristin Bryan and Christina Lamoureux is available here

Biden Administration 60-day Regulatory Freeze

On Wednesday, January 20, 2021, President Biden’s chief of staff, Ronald A. Klain, circulated a memorandum (memo) to the heads of federal executive departments and agencies outlining an Executive Action implementing a 60-day freeze on any new or pending regulations. This is a customary practice for new administrations. The freeze allows the administration to conduct an appropriate review of these rules to determine if there is any conflict with the President’s policy objectives. Both the Obama and Trump administrations issued nearly identical Executive Actions on their first day in office.

This publication provides additional background on this action and provides a list of regulations in the health and life science fields that the memo may affect.  You can read more about it in our client alert, available here.

AHLA Podcast: Labor and Employment Issues with COVID-19 Vaccine Distribution

Squire Patton Boggs Of Counsel Will Kishman recently participated with Kristin McGurn, Seyfarth Shaw LLP, in an American Health Law Association’s (AHLA) Speaking of Health Law podcast, “Labor and Employment Issues with COVID-19 Vaccine Distribution.”  It has been published on the AHLA’s Speaking of Health Law channel, and is available to the public.  You may access the podcast here.

This timely podcast covers employment issues related to COVID-19 vaccine distribution. The speakers talk about the recent EEOC guidance, including what employers should do about employee objections to the vaccine, and what sort of accommodations must be made in this regard. The program also discusses labor union issues, liability protections, and other state and federal guidance.

UnitedHeathcare Subsidiary Indicted for No-Poach Agreements

The Department of Justice kicked off 2021 with its first publicly filed, two-count indictment against Surgical Care Affiliates, LLC (SCA) and successor entity Scai Holdings, LLC, both accused of criminal antitrust violations for agreeing with other healthcare companies not to solicit each other’s senior-level employees. The charges are the first to come out of an ongoing investigation by the Antitrust Division into alleged no-poach agreements between employers.

The indictment alleges that SCA entered into two bilateral no-poach conspiracies. One agreement between SCA and a Texas based company ran from May 2010 until October 2017. The second agreement, spanning from February 2012 until July 2017, was between SCA and a Colorado based company for the same prohibitive acts.

“The charges demonstrate the Antitrust Division’s continued commitment to criminally prosecute collusion in America’s labor markets,” Assistant Attorney General Makan Delrahim said in a statement. “A freely competitive employment market is essential to the health of our economy and the mobility of American workers. Along with our law enforcement partners, the division will ensure that companies who illegally deprive employees of competitive opportunities are not immune from our antitrust laws.” Continue Reading

Pharmaceuticals Highlighted in the EU-UK Trade and Cooperation Agreement

The EU-UK Trade and Cooperation Agreement (the Agreement), announced just before Christmas, has now been agreed by the UK Parliament and EU Commission. This is now in place with a requirement for further approval by the EU Parliament. The Agreement is wide-ranging but in terms of trade mainly focusses on the supply of goods. As one of the most highly regulated sectors, pharmaceuticals are highlighted in a number of areas with specific provisions that touch on regulatory and intellectual property matters. Continue Reading

Election 2020 Puts Cannabis Center Stage

The cannabis industry was center stage during the November election, collecting a trove of wins making recreational marijuana legal now in 15 states and approved it for medical use virtually nationwide. The overwhelming nods in the recent election made marijuana more mainstream across the country and proved the cannabis industry has built a profound and powerful voice when it comes to messaging and revenue-building in states.

The multiple victories for cannabis on state ballots across the nation are the freshest evidence yet that American attitudes toward cannabis have been transformed. In an era of hyperpartisanship, cannabis reform is one of the few issues that is bringing Americans of different political affiliations and ideologies together. Continue Reading

CMS Publishes Stark Law Final Rules-Updated

In follow up to our post last month, on Wednesday, December 2, The Centers for Medicare and Medicaid Services (CMS) published final rules implementing many of the Stark Law changes first proposed in October 2019 (the Final Rules).

These changes have been adopted to address the shift to a value-based and coordinated healthcare environment. The Final Rules represent CMS’s recognition that the healthcare delivery and payment environment has changed from the “fee-for-service” model under which the Stark Law was developed, and that, in its current form, the Stark Law can impede the development of value-based relationships. In connection with this change, the Final Rules introduce new Stark Law exceptions and revise or re-evaluate many existing Stark Law exceptions and definitions.  You can read our summary of the changes in our latest client alert, available here.

UPDATE:  In December, the Government Accountability Office (GAO) found that the Final Rules’ January 19, 2021 effective date violated the Congressional Review Act, which requires major rules to have a 60-day delay in the effective date from the date of publication in the Federal Register.   This, together with the Biden administration’s recent Regulatory Freeze memo could be used to delay the Final Rules’ effective date.  You can read more about it here.

Supreme Court Rules that Arkansas Act 900, Affecting the Prices that PBMs Pay to Pharmacies, Is Not Preempted Under ERISA

On December 10, 2020, the Supreme Court released its decision in Rutledge v. Pharmaceutical Care Management Association. Justice Sotomayor wrote the Court’s opinion, which was joined by all Members of the Court except Justice Barrett, who did not participate. Justice Thomas filed a concurring opinion, which expressed his prior opinions that the Court’s ERISA preemption tests have strayed from the text of ERISA’s statutory language.

The question presented was whether ERISA preempts Arkansas Act 900, an Arkansas law that regulates the price at which pharmacy benefit managers (PBMs) reimburse pharmacies for the cost of drugs covered by prescription drug plans. PCMA, the Pharmaceutical Care Management Association, which represents some of the largest PBMs in the country, challenged Arkansas Act 900 by arguing that the Act is preempted by ERISA. In the recent Opinion, the Court reversed the judgment of the U.S. Court of Appeals for the Eight Circuit, ruling that Act 900 was not preempted by ERISA.

The Opinion reasoned that Arkansas Act 900’s requirements were too far away from ERISA and ERISA plans to have an “impermissible connection” with ERISA plans, even though the law has an indirect effect on what ERISA plans pay for prescription drugs. “State regulations that merely increase the costs or alter incentives for ERISA plans without forcing plans to adopt any particular scheme of substantive coverage are not preempted by ERISA,” Justice Sotomayor wrote, citing earlier Supreme Court opinions.

The Court’s Opinion is a strict preemption analysis and does not cite to, or reference, the many amicus briefs filed in the case or the political debate surrounding Arkansas Act 900, other than to reiterate the express legislative intent in enacting Arkansas Act 900. PBMs typically use a “maximum allowable cost” list to determine how much pharmacies should be reimbursed. Trade groups for rural and independent pharmacies have argued that PBM’s strategies in reimbursement rates of maximum allowable costs are unfair and can be lower than the pharmacies’ cost to purchase the drug. Conversely, other trade groups in support of PCMA, state that PBMs have expertise in ensuring efficiency and cost reduction, and that drug prices are largely established by drug manufacturers. According to America’s Health Insurance Plans, Inc. (AHIP), PBMs provide incentives to pharmacies to offer low-cost generic drugs and to be more efficient with their drug purchasing. AHIP also claims that PBMs have the expertise in pharmaceutical manufacturing and distribution systems, and that the compliance costs of managing different state regulations make work in this area prohibitively expensive.

The Court’s Opinion may lead to further state regulation of PBMs. A statement from PCMA expressed disappointment and urged states to proceed cautiously: “We are disappointed in the Court’s decision that will result in the unraveling of federal protections under . . . ERISA,” and “As states across the country consider this outcome, we would encourage they proceed with caution and avoid any regulations around prescription drug benefits that will result in higher health care cost for consumers and employers.”

EU Pharmaceutical Strategy

The European Commission President Ursula von der Leyen has put an emphasis on health policy since the beginning of her term, by promoting the development of a number of initiatives that will be published in the months and years to come.

Inevitably, the COVID-19 pandemic has generated a growing demand for better coordination across EU Member States in connection to the management of health systems and health emergency response, an area in which Member States opted to maintain full competence.

A new Pharmaceutical Strategy for Europe, published on 25 November has been one of those initiatives, which aim to establish a future-proof and crisis-resilient pharmaceutical system in the EU. In this client alert, we are looking into the strategy and the future initiatives stemming from the strategy, as well as future health policies that can be expected.

You can read more about this by downloading our client alert, available here.

Cross-Post from Law360: The Legal Implications Of Mobile Health Advancements

This is a cross post from Law360.  Please contact Sarah Rathke, Kristin Bryan or John Wyand with any questions.

In response to American health care needs during the COVID-19 pandemic, the U.S. is seeing a rapid acceleration in mobile health care, however, this new age form of health care does present some risk and legal implications.  In the recently published Law360 article, we discuss the legal implementations facing mobile health care.  Read the full article here.