What Are the Changes?

On April 26, 2024, the U.S. Department of Health and Human Services (“HHS”) issued a final rule (the “Final Rule”) along with guidance updating the Health Insurance Portability and Accountability Act (“HIPAA”) regulations at 45 C.F.R. Parts 160 and 164 (the “Privacy Rule”). The Final Rule prohibits the use or disclosure of protected health information (“PHI”) for the purpose of (1) conducting criminal, civil, or administrative investigations into, or (2) imposing criminal, civil, or administrative liability on any person for the mere act of seeking, obtaining, providing, or facilitating reproductive health care that is legal when provided. The Final Rule also prohibits the use or disclosure of PHI in order to (3) identify any person for any of those purposes (the “Prohibition”).[1]Continue Reading HHS Changes HIPAA Privacy Rule to Restrict the Disclosure of Reproductive Health Care Information

On May 16, 2024, the California Office of Health Care Affordability (“OHCA”) released proposed emergency regulations to update its existing rules for the reporting of certain health care transactions to OHCA for consideration of whether a Cost and Market Impact Review (“CMIR”) is warranted under the California Health Care Quality and Affordability Act. The current CMIR regulations became effective January 1, 2024, for transactions with a proposed closing date on or after April 1, 2024.Continue Reading Update on California Health Care: Cost and Market Impact Regulations

On April 29, 2024, the Food and Drug Administration (FDA) announced a Final Rule amending regulations to make explicit that in vitro diagnostic products (IVDs) are devices under the Federal Food, Drug, and Cosmetic Act including when the manufacturer of the IVD is a laboratory. Under the new rule, the FDA will phase out its laboratory developed test (LDT) enforcement discretion policy over a four-year period. The phaseout policy “applies to IVDs that are manufactured and offered as LDTs by laboratories that are certified under CLIA[1] and that meet the regulatory requirements under CLIA to perform high complexity testing, and used within such laboratories, even if those IVDs do not fall within FDA’s traditional understanding of an LDT because they are not designed, manufactured, and used within a single laboratory.”Continue Reading Discretion No More: FDA’s New Final Rule Regulating Laboratory Developed Tests

On February 8, 2024, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) finalized long-awaited modifications to the Confidentiality of Substance Use Disorder (SUD) Patient Records regulations at 42 C.F.R. Part 2, which requires individuals or entities that receive federal funding and provide SUD treatment to implement additional privacy protections and obtain specific consent before using and disclosing SUD treatment records (see 42 C.F.R. § 2.11).Continue Reading Confidentiality of Substance Use Disorder Records: HHS Finalizes Changes to Part 2 Rule

U.S. Senators Angus King (I-ME) and Marco Rubio (R-FL) recently introduced a bill addressing cybersecurity protections and oversight in the healthcare industry. The Strengthening Cybersecurity in Health Care Act, introduced on February 8, 2024, aims to bolster a vulnerable and often-targeted industry against cyberattacks. The proposal follows a number of significant cyberattacks on healthcare organizations in recent years; Senator King noted that approximately 133 million people, or nearly one in three Americans, had their personal information compromised in 2023 alone.Continue Reading Cybersecurity in Healthcare: Pending Bill Calls for Tougher Protections

The plan of a healthcare consulting firm (the “Firm”) to give gift cards to physicians in exchange for referrals to new customers does not violate the Federal Anti-Kickback Statute (the “AKS”), according to an Advisory Opinion from the U.S. Department of Health and Human Services (“HHS”) Office of Inspector General (“OIG”). The Firm provides practice optimization services including data analytics services, electronic health record consulting services, compliance monitoring, and assistance with Merit-Based Incentive Payment System (“MIPS”) performance measures and submissions. Importantly, the Firm does not provide any services, nor does it invest in or own any other entity that provides services, that would be paid for, in whole or in part, directly or indirectly, by a Federal health care program.

Under the proposed plan, the Firm would give current customers $25 gift cards in exchange for recommending its consulting services to other physicians. If the recommendation were successful, the recommender would receive an additional $50 gift card.Continue Reading Gift Card Giveaway Does Not Violate Anti-Kickback Statute, HHS Says

On November 28, 2023, the California Office of Health Care Affordability (“OHCA”) submitted proposed emergency regulations (the “Regulations”) on the reporting of certain transactions involving health care entities for review by the California Office of Administrative Law, the final step in the regulation process. The final Regulations, reflecting changes in response to public comments and those proposed by the Office of Administrative Law, were released on December 18, 2023, and will apply as of January 1, 2024, to covered transactions with a proposed closing date on or after April 1, 2024. Earlier articles covered the draft regulations and revised regulations, which parallels similar reporting regulations in nine other states, including Massachusetts, Washington, and Oregon. New York is proposing similar regulations for adoption in 2024.

This article will comment on the most recent changes to the Regulations and certain practical issues that must be considered in future transactions that will be subject to the reporting regime and cost and market impact reviews (“CMIR”).Continue Reading California Health Care Transaction Reporting Regulations Update

Wyoming physicians are sometimes confronted with the awkward and difficult choice of whether to bring a colleague’s potentially unprofessional, unethical, or harmful conduct to light by making a report to a hospital’s peer review committee, or even the Wyoming Board of Medicine in some circumstances. However, physicians are often unsure whether such a report is justified, and whether it is ethically or legally required. Whether a report is justified or ethically required in any particular situation is beyond the scope of this article–however, we can shed light on whether it is required by Wyoming law.Continue Reading A Higher Power: Physician obligations to report another physician’s conduct under Wyoming law

In the ever-evolving landscape of COVID-19 regulations, Texas has taken a unique stance with Senate Bill 7, which was signed into law by Texas Governor Greg Abbott on November 10, 2023. This legislation specifically addresses COVID-19 vaccination mandates in the private sector, introducing a series of measures aimed at protecting employees’ rights while balancing public health concerns.Continue Reading Texas Enacts Ban on COVID-19 Vaccine Mandates from Private Employers

In July of this year, the California Office of Health Care Affordability (“OHCA”) released draft regulations requiring the advance reporting of certain healthcare transactions that could affect the cost of healthcare or adversely impact the healthcare market in California. These reporting requirements implement provisions of amendments to the California Health and Safety Code enacted in 2022, which authorized OHCA to review proposed transactions and, if appropriate, undertake a detailed cost and market impact review (“CMIR”) to determine the potential impact on the health care economy of California.Continue Reading Revised California Regulations for Reporting Health Care Transactions