Dear Health Law Section Members:
The Health Law Section (“HLS”) website has been updated with August through September 2018 articles on significant developments in the health law arena that may be of interest to you in your practice. These summaries are presented to HLS members for general information only and do not constitute legal advice from The Florida Bar or its Health Law Section. HLS thanks the following volunteers who have generously donated their time to prepare these summaries for our members:
Jocelyn Ezratty, Esq., Di Pietro Partners, LLP
Christian Perez Font, Managing Partner, Thinkeen Legal, P.A.
Anne Kelley, J.D. Candidate, University of Florida
Erica C. Mallon, Esq., Corporate Counsel, Greenway Health
Zachary Merson, Corporate Counsel, Availity
Francesca Ozinal, Associate, Epstein Becker & Green, P.C.
Kathleen Premo, Member, Epstein Becker & Green, P.C.
Megan Robertson, Associate, Epstein Becker & Green, P.C.
Timothy Wombles, Esq., Associate, Nelson Mullins Broad and Cassel
Jamie Gelfman, Esq., Nelson Mullins Broad and Cassel, HLS Editor in Chief
Christian Perez Font, Esq., Thinkeen Legal, P.A., HLS Team Editor
Elizabeth Scarola, Esq., Epstein Becker Green P.A., HLS Team Editor
Download the Word DOCX or PDF versions of the Updates using the links below:
August September 2018 HLS Updates (DOCX)
August September 2018 HLS Updates (PDF)
Advisory Opinion Finds Group Purchasing Organization Able to Provide Services to its Affiliate Hospitals and Entities
As health providers turn to more innovative offerings and business models, uncertainties arise with structuring new deals. In its July 30, 2018 Advisory Opinion, No. 18-07, the Office of Inspector General (“OIG”) interpreted new specialty uses for Group Purchasing Organizations (“GPOs”) under the federal Anti-Kickback Statute (the “Advisory Opinion”).
GPOs negotiate volume discounts on behalf of hospitals and health care facilities. They charge product and service vendors an administrative fee in exchange for access to sales at the applicable hospitals and health care facilities.
In the Advisory Opinion, a GPO sought advice (the “Requestor”) regarding a proposed arrangement under which it would offer GPO negotiation services for innovative and specialty healthcare products and services. These specialty products and services are fairly new to the healthcare industry and are not offered by typical GPOs. In the Advisory Opinion, the Requestor certified that it offered a portfolio of specialty products and services, including “information technology platforms, emergency department services and staffing, physician recruitment, telemedicine physician consults, human resources personnel and services, and refurbished equipment.” Much of these specialty group negotiation services are a reflection of the evolving business models that include outsourcing personnel services and incorporating new technology into patient care.
The Requestor sought clarification on the existing corporate structure of its parent company. The Requestor’s parent company also owns hospitals and health care facilities. The Requester wished to provide group negotiation services to those hospitals and health care facilities owned by the Requestor.
Although the arrangement would not qualify for GPO safe harbor protection because it would not satisfy the definition of a “GPO” as defined by the regulations, the OIG concluded that such an arrangement would not warrant administrative prosecution.
The OIG emphasized a few points to justify its position. The Requestor’s affiliated hospitals and facilities wished to utilize the specialty products and services provided by its innovative, affiliate-GPO in an effort to reduce costs. The OIG emphasized that because the traditional GPOs that theses affiliate hospitals and facilities were already using did not offer the specialty services, they were left to negotiate the specialty product and services lines on their own. That is, unless the affiliate hospitals and facilities were permitted to take advantage of the services offered by the affiliated Requestor.
This Advisory Opinion is a reflection of the evolving health care models into increased outsourcing of personnel and incorporating more health technology into medical practices. These modern models help to cut costs in a time when traditional hospitals have been struggling to stay afloat. Whereas some of the regulatory limitations required for safe harbor protection may have discouraged affiliate entities from venturing into cost-effective and innovative business models in the past, this new guidance from the OIG opens the door for health care affiliate entities to venture more comfortably into cost effective and innovative offerings.
Submitted by: Jocelyn Ezratty, Esq., Di Pietro Partners, LLP
FRAUD AND ABUSE UPDATES
OIG Portfolio Highlights Hospice Fraud and Quality-of-Care Concerns
On July 31, 2018, the Office of Inspector General (“OIG”) of the United States Department of Health and Human Services released a portfolio titled “Vulnerabilities in the Medicare Hospice Program Affect Quality Care and Program Integrity” (the “Portfolio”).
The Portfolio provides 15 recommendations to the Centers for Medicare & Medicaid Services (“CMS”) regarding hospice oversight based upon a review of the Medicare hospice benefit and hospice care generally since 2005. Notably, the Office of Evaluation and Inspections conducted the study, as opposed to the Office of Audit Services, indicating that the study was a broad, investigative look into the hospice industry rather than a more focused review typical of an OIG audit assessment. The study examined prior OIG evaluations and audits of billing and quality of care, as well as investigations of hospice-related fraud cases.
The Portfolio highlights the growth of hospice utilization and reimbursement over the last decade, and describes OIG’s findings with respect to the adequacy and quality of hospice services provided to Medicare beneficiaries. The Portfolio also highlights the importance of providing adequate education to hospice patients and their families and caregivers about the CMS hospice benefit. While OIG acknowledges that not all hospice care facilities have the vulnerabilities identified in this Portfolio, it is important for stakeholders to review the concerns and recommendations expressed by OIG in the Portfolio in order to get a full picture of the government’s stance and to evaluate their services for any of the identified deficiencies that may subject them to enforcement risk.
Compliance and Enforcement Considerations
The Portfolio demonstrates continued scrutiny of hospice services by the government and represents a trend toward ongoing government enforcement against the hospice industry. Therefore, to mitigate risk, it is important that the hospice industry consider the government’s current focus, as outlined below, and incorporate mitigation efforts into corporate compliance programs. The key risk areas include the following:
Specific Service Considerations
The Portfolio focuses on the provision of and billing for varying levels of care as well as evaluation of the care setting. The Portfolio indicates that hospice providers performing solely routine services are under more intense scrutiny than hospice providers providing other levels of care. OIG highlights that between 2006 and 2016, hundreds of hospices provided only routine home care, the most basic level of care, to all of their beneficiaries served throughout the year. This trend is increasing over time. In 2016, over 650 hospices provided only routine home care, which is a 55 percent increase from 2011. When a hospice provider’s services are limited to routine home care, the government is concerned that beneficiaries might not have access to the more intensive services they need despite the obligation that hospice facilities provide all services necessary for the management of the patient’s illness and related conditions. The Portfolio emphasizes that it is critical that hospice providers also provide general inpatient care and continuous home care when patients need more intensive services. A failure to provide all levels of care to beneficiaries, as well as respite inpatient care to caregivers, could be problematic from the government’s perspective. Providers should incorporate awareness of the case mix into their compliance efforts.
OIG also identified significant inappropriate billing by hospices for services not meeting Medicare requirements for the level of care billed. Some hospices billed for inappropriate levels of care and for expensive levels of care that the patient did not need. Specifically, the Portfolio indicates that in 2012 hospices billed one-third of all general inpatient care stays inappropriately, costing Medicare over $250 million. General inpatient care is the second most expensive level of care, and hospices often billed for it when the beneficiary needed only routine home care. Hospices received an unadjusted daily fixed payment rate of $672.00 a day for inpatient care instead of $151.00 a day for routine home care.
A major takeaway from the Portfolio is OIG’s particular focus on for-profit hospices providing care to patients in skilled nursing facilities (“SNFs”) or assisted living facilities (“ALFs”). OIG maintains a skepticism toward for-profit hospices, and specifically identifies these hospice providers as potential “bad actors.” OIG highlights certain data points to support such skepticism, providing that, while for-profit hospices billed 41 percent of their general inpatient care stays inappropriately, nonprofit and government-owned hospices billed 27 percent of their general inpatient stays inappropriately. Also, based on its findings, OIG stated that hospices were more likely to bill inappropriately for general inpatient care provided in SNFs than in any other care setting. Moreover, OIG believes that hundreds of hospices targeted beneficiaries in certain care settings, such as ALFs, who have long lengths of stay in order to receive higher Medicare payments. Again, OIG specifically draws attention to for-profit hospices whose service and billing practices result in reimbursement levels of thousands of dollars more than nonprofit hospices per beneficiary in ALFs. Similarly, OIG believes that for-profit hospices also target beneficiaries in nursing facilities because these beneficiaries commonly have conditions associated with less complex care, longer stays, and more Medicare payments.
Another area of focus in OIG’s recommendations is the adequacy of physician attestations, clinical documentation, financial records, and other documents that support claims for reimbursement. The study found that some hospice physicians are not meeting requirements when certifying beneficiaries. In particular, physicians did not explain their clinical findings or attest that their findings were based on their examination of the beneficiary or review of medical records. Relatedly, many physicians were found to have provided patients and their families with incomplete or inaccurate election statements resulting in a lack of clarity among beneficiaries, their families, and caregivers around what beneficiaries are entitled to receive or give up with the election of hospice services.
Medical Necessity and Eligibility and Appropriateness of Benefits
OIG also discovered a number of fraud schemes involving hospices inappropriately billing beneficiaries. For example, OIG identified fraud schemes in which hospice providers paid recruiters to target beneficiaries who were not eligible for hospice care and other schemes in which physicians falsely certified a patient’s eligibility for hospice care. Beneficiaries who are inappropriately enrolled in hospice care may unwittingly forgo needed treatment or will not have their services reimbursed as Medicare only pays only for palliative care and not for curative treatment.
The key to mitigating the risks identified in the Portfolio and shielding hospice providers from government enforcement inquiries or actions is maintaining an effective corporate compliance program. Even if a hospice provider already has a compliance program in place, it must be reevaluated based on OIG’s recent findings. The compliance program should focus on ensuring that providers are providing the appropriate level of care in the appropriate care setting. Providers should provide the four levels of Medicare reimbursed hospice care based on each patient’s medical need and when appropriate regardless of reimbursement considerations. Physicians must accurately certify a beneficiary’s terminal illness and the appropriateness of hospice care. Consequently, hospices need to ensure that claims data is as accurate as possible. Hospices must also make sure that proper education materials on the hospice benefit are provided to their patients and their caregivers.
Quality Program Considerations
A common thread woven throughout the Portfolio is the emphasis that OIG places on the need for increased attention to the quality of hospice care. In particular, OIG describes elements of hospice care where quality is lacking, and attributes some specific quality issues to the current payment methodology used by Medicare for hospice services.
Elements of Hospice Care with Trends of Poor Quality
OIG described specific instances in which evaluations and investigations revealed that hospice services have fallen short of quality care. The Portfolio also notes instances of hospices consistently failing to provide the services identified in the patient’s plan of care. OIG stated that adherence to a plan of care for a beneficiary is crucial and that the plans should be individualized and detailed, especially with respect to the scope and frequency of needed services. OIG also provides examples of hospices failing to properly manage a beneficiary’s medication, leaving the beneficiary in pain for long periods of time. While the examples of hospices failing to provide quality care are concerning, it appears these reports reflect isolated bad actors in the hospice industry. However, one wonders if the broader skepticism associated with hospice quality of care by OIG can be attributed to a difference in understanding of disease progression and treatment alternatives.
Quality Issues Attributed to Payment Methodology
The Portfolio opines that Medicare’s current reimbursement methodology contributes to the issue of poor quality. The Medicare hospice benefit pays for every day that a patient is in care, as opposed to paying for specific services provided to beneficiaries. OIG also expresses significant concern that payment for hospice care is not tied to any quality measures, and recommends that CMS alter the system to tie payment to quality of care. Thus far, CMS has maintained that it does not have the statutory authority to introduce the quality measures that OIG suggests into the hospice payment methodology. However, the discord here could be an indication that a major hospice payment reform could be initiated in the future.
In light of the emphasis that OIG places on the quality of care throughout the Portfolio, hospice facilities should be proactive rather than reactive in building a robust quality-oriented program. Stakeholders should monitor the areas of concern identified by OIG and assess the status of these highlighted concerns in anticipation of their possible impact on payment in the future. Stakeholders should also conduct an assessment of their compliance programs to identify any areas of enforcement risk based on the concerns expressed by OIG in the Portfolio.
Submitted by: Kathleen Premo, Member, Epstein Becker & Green, P.C.
Francesca Ozinal, Associate, Epstein Becker & Green, P.C.
Megan Robertson, Associate, Epstein Becker & Green, P.C.
OCR Settles HIPAA Breach Involving Three Boston-Area Hospitals
On September 20, 2018, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) entered into three separate settlement agreements totaling $999,000.00 with Boston Medical Center, Brigham and Women’s Hospital, and Massachusetts General Hospital. According to OCR’s press release, the three Boston hospitals violated HIPAA by inviting ABC film crews onto their premises to film a documentary series without first obtaining authorization from patients.
While both the resolution agreements and the press release do not provide much detail about the nature of the breach, it is clear that OCR is committed to ensuring that the privacy of patients during “their most private and vulnerable moments” remains protected at all times.
These enforcement actions raise important questions about the scope of patients’ reasonable expectation of privacy within hospital settings. In the past, the Supreme Court has recognized in various decisions that an individual’s reasonable expectation of privacy largely depends on context (i.e., individual expectation of privacy is greater at home or in private spaces than it is in public ones). The reasons why an individual may be at a particular location can also affect whether he or she has a reasonable expectation of privacy. For instance, a hospital patient’s expectation of privacy may be very different than that of friends or family visiting the patient at the hospital. In fact, the expectation of privacy can even be different depending on where in the hospital the patient might be (i.e, in the parking lot or reception versus in the examination room). Therefore, hospitals should consider context and the possible need for customized rules when creating policies for allowing television or film crews into their facilities.
The OCR press release and the three resolution agreements are available at: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/bostoncases/index.html
Submitted by: Christian Perez Font, Managing Partner, Thinkeen Legal, P.A.
HHS Contemplates Changes to the HIPAA Privacy Rule and 42 C.F.R. Part 2 to Battle the Opioid Epidemic
The Department of Health and Human Services (“HHS”) will issue requests for information (“RFIs”) in regards to changing the HIPAA Privacy Rule (45 C.F.R. Part 160 and Subparts A and E of Part 164) and 42 C.F.R. Part 2 to allow payers and providers to more effectively fight the opioid epidemic affecting the country. HHS Secretary Alex Azar noted that the HIPAA Privacy Rule and 42 C.F.R. Part 2 can “get in the way of communities and families working together to combat our country’s crisis of opioid addiction.”  However, some experts argue that changes are to the HIPAA Privacy Rule are not required because healthcare professionals have the ability to act in the best interest of their patients, despite many providers avoiding disclosure of patient records without consent due to hyper-cautiousness.
On June 20, 2018, the House of Representatives passed the Overdose Prevention and Patient Safety Act (HR 6082, or the “Act”) which would amend 42 C.F.R. Part 2 to allow providers to disclose substance abuse patient records to other covered entities for purposes of treatment, payment and operations, without patient consent. As currently drafted, 42 C.F.R. Part 2 prohibits providers from sharing a patient’s substance abuse history without consent in an effort to encourage treatment for substance abuse addiction. Opponents to the Act argue that its passage jeopardizes the confidentiality of substance abuse treatment and will discourage individuals from seeking such treatment.  Similarly, opponents allege that 42 C.F.R. Part 2 needs stricter disclosure requirements than the HIPAA Privacy Rule because of the pervasive discrimination that exists regarding addiction.
Proponents of the Act, including many providers, have requested changes to 42 C.F.R. Part 2 to allow the sharing of substance abuse information among healthcare professionals without patient consent. Specifically, providers would like 42 C.F.R. Part 2 to mirror the HIPAA Privacy Rule, which allows providers to share protected health information without patient consent for the purposes of “treatment, payment, and health care operations.”
Regardless of whether HR6082 becomes law, both proponents and opponents of the Act agree that more must be done to combat the Nation’s opioid crisis.
Submitted by: Zachary Merson, Corporate Counsel, Availity, LLC
CMS Extends Enrollment Moratoria in Florida, Illinois, Michigan, Texas, Pennsylvania, and New Jersey For Certain Providers
The Centers for Medicare and Medicaid Services (“CMS”) extended the Medicare enrollment moratoria for home health agencies in Florida, Illinois, Michigan, and Texas and non-emergency ground ambulance providers in Pennsylvania and New Jersey effective July 29, 2018 for an additional six (6) months. Most recently, CMS extended the Medicare enrollment moratoria of home health agencies in Florida, Illinois, Michigan, and Texas and non-emergency ground ambulance providers in Pennsylvania and New Jersey on January 30, 2018.
Section 6401 of the Patient Protection and Affordable Care Act authorized CMS to impose temporary moratoria on the initial enrollment or establishment of new practice locations if the Secretary of CMS determined that such moratorium was necessary to prevent or combat fraud, waste, or abuse with respect to a particular provider or supplier types, particular geographic areas, or a combination of both. In 2013, CMS exercised this authority and imposed moratoria preventing enrollment of new home health agencies and branches in Miami-Dade County, Florida, and Cook County, Illinois, and the surrounding counties. Simultaneously, CMS imposed a moratorium on enrollment of Medicare Part B ground ambulance suppliers in Harris County, Texas, and the surrounding counties.
CMS exercised its authority to extend the initial moratoria on February 4, 2014, for an additional six (6) months and expanded the moratoria to also preclude enrollment of home health agencies in Broward County, Florida; Dallas County, Texas; Harris County, Texas; and Wayne County, Michigan, and surrounding counties, and expanded the moratorium of enrollment of ground ambulance suppliers to Philadelphia, Pennsylvania, and the surrounding counties. CMS further extended the moratoria on August 1, 2014, February 2, 2015, July 28, 2015, and February 2, 2016. When extending the moratoria on August 3, 2016 for an additional six (6) months, CMS expanded the home health agency moratorium statewide for Florida, Illinois, Michigan, and Texas and extended the Part B non-emergency ambulance moratorium statewide in New Jersey, Pennsylvania, and Texas.
Due to the August 25, 2017, Presidential Disaster Declaration for several Texas counties after Hurricane Harvey, CMS lifted the moratorium on non-emergency ground ambulance suppliers in Texas to assist with disaster response. The remaining moratoria prohibiting new enrollment of home health agencies in Florida, Illinois, Michigan, and Texas and non-emergency ground ambulance providers in Pennsylvania and New Jersey remain in place.
Submitted by: Timothy Wombles, Esq., Associate, Nelson Mullins Broad and Cassel
CMS “Major Proposed Rule” Attempts to Reflect Current Changes in Medical Practice in its Payment Systems
In July, the Centers for Medicare & Medicaid Services (“CMS”) published a proposed rule that addresses a number of topics; namely, changes to the Medicare physician fee schedule (“PFS”) and other Medicare Part B payment policies. These proposed changes could have significant effects on providers and services that are rendered within the increasingly expansive sphere of telemedicine. CMS proposes certain services that would not be subject to the limitations on Medicare telehealth services in section 1834(m) of the Social Security Act, and instead would be paid under the PFS like other physicians’ services. CMS reasons that these services are not considered by it to be Medicare telehealth services.
For example, in the proposed rule, CMS confronts the issue of brief “check-in” services furnished using communication technology that are used to evaluate whether or not an office visit or other service is warranted. Currently, when these kinds of check-in services are furnished prior to an office visit, they are bundled into the payment for the resulting visit. However, an inconsistency arises when these check-in services do not result in a visit, and thus there is no opportunity for payment of the service to be bundled.
CMS attempts to combat this issue by proposing to pay separately, beginning January 1, 2019, for a “newly defined type of physicians’ service furnished using communication technology.” The proposed code, described as GVCI1 (Brief communication technology-based service), would provide that check-in services described above, originating from a related E/M service provided within the previous seven days by the same physician or other qualified healthcare professional, be bundled into the pre- or post-visit time of the associated E/M service and not be separately billable. On the contrary, if the telehealth service is not related to an office visit within the past seven days and does not result in a future office visit or related service, CMS proposes a separate payment for the service. Additionally, CMS would also make separate payments for consultations between professionals performed through communications technology regarding a patient’s treatment.
CMS hopes such changes will aid in advancing its overall effort to “further expand access to telehealth services within the current statutory authority and pay appropriately for services that take full advantage of communication technologies.”
The comment period for this proposed rule ended on September 10, 2018.
Submitted by: Anne L. Kelley, J.D. Candidate, UF Levin College of Law
A New Age for Healthcare Mergers
The pending mergers of Cigna and Express Scripts and CVS Health and Aetna are examples of the ever-changing healthcare marketplace. Both transactions have faced opposition, Cigna and Express Scripts from significant Cigna investor Carl Icahn, who alleged Cigna was overpaying for a company that faces an uphill battle, and CVS Health and Aetna, from California Insurance Commissioner Dave Jones, who asked the United States Department of Justice (“DOJ”) to block the merger over concern that reducing competition for Medicare Part D plans would likely result in higher premiums.
Cigna and Express Scripts cleared their largest and final regulatory hurdle on September 17, 2018, when the DOJ approved the proposed $67 billion merger, which was announced in March and is scheduled to close at the end of 2018. The DOJ determined that the merger would not harm competition in either the insurance or pharmacy benefit manager markets, and does not impede efforts to lower drug prices and increase quality of care. The DOJ said it reviewed more than two million documents and interviewed more than 100 industry experts during its six-month investigation.
Meanwhile, the DOJ’s antitrust review of CVS Health’s $69 billion bid to acquire Aetna, which would combine a pharmacy, benefits manager, insurer, and retailer with more than 1,000 walk-in clinics across 33 states into one entity, is ongoing. Sources have indicated that the DOJ’s review is taking longer than anticipated due to concern about both companies’ Medicare Part D plans. To ease anti-competitive concerns, it is expected that the DOJ will require CVS and Aetna to divest some of their Medicare Part D assets.
These mergers come on the heels of the DOJ blocking two insurance company mega mergers. In 2016, the DOJ sued to block Anthem’s acquisition of Cigna and Aetna’s acquisition of Humana due to concerns that the mergers would harm consumers by increasing premiums, reducing benefits, and decreasing competition. Unlike the Anthem-Cigna and Aetna-Humana mergers, which would have resulted in horizontal integration (a reduction from five major insurance companies to three) the Cigna-Express Scripts and Aetna-CVS Health mergers would result in vertical integration, which is less of an anti-competitive risk.
These transactions are taking place at a time when pharmacy benefit managers like Express Scripts are under heightened regulatory scrutiny for their relationships with pharmaceutical companies and providers, as well as their contribution to the ever-rising cost of prescription drugs. It remains to be seen how the proposed merger will impact drug costs and physician relationships.
Large mergers and acquisitions can be expected to increase in volume as healthcare industry veterans leverage their market presence in preparation for new players to enter into the healthcare space, including Amazon, which recently acquired online pharmacy retailer PillPack for $1 billion.
Submitted by: Erica Mallon, Corporate Counsel, Greenway Health
 Dep’t of Health & Human Services Office of Inspector General Advisory Opinion No. 18-07 (July 20, 2018), available at https://oig.hhs.gov/fraud/docs/advisoryopinions/2018/AdvOpn18-07.pdf.
 42 C.F.R. 1001.952(j).
 See Fred Donovan, HHS Pushes for Changes to HIPAA Privacy Rule, 42 CFR Part 2, HealthIT Security (Aug. 9, 2018, 11:20 AM), available at https://healthitsecurity.com/news/hhs-to-propose-changes-to-hipaa-privacy-rule-42-cfr-part-2.
 See Marianne Kolbasuk McGee, HHS Weighs Changes to Health Data Privacy Regulations, GovInfo Security (Aug. 1, 2018), available at https://www.govinfosecurity.com/hhs-weighs-changes-to-health-data-privacy-regulations-a-11271.
 See supra note 4.
 See Deborah Reid & Mark Parrino, Relaxing Patient Privacy Protections Will Harm People with Addiction, The Hill (July 22, 2018, 11:00 AM), available at http://thehill.com/opinion/healthcare/398077-relaxing-patient-privacy-protections-will-harm-people-with-addiction.
 See supra note 4.
 Medicare, Medicaid, and Children’s Health Insurance Programs: Announcement of the Extension of Temporary Moratoria on Enrollment of Part B Non-Emergency Ground Ambulance Suppliers and Home Health Agencies in Designated Geographic Locations, 83 Fed. Reg. 4,147 (Jan. 30, 2018).
 Medicare, Medicaid, and Children’s Health Insurance Programs: Announcement of Temporary Moratoria on Enrollment of Ambulances Suppliers and Providers and Home Health Agencies in Designated Geographic Areas, 78 Fed. Reg. 46,339 (July 31, 2013).
 Medicare, Medicaid, and Children’s Health Insurance Programs: Announcement of New and Extended Temporary Moratoria on Enrollment of Ambulances and Home Health Agencies in Designated Geographic Locations, 79 Fed. Reg. 6,475 (Feb. 4, 2014).
 Medicare, Medicaid, and Children’s Health Insurance Programs: Announcement of Decision to List the Temporary Moratorium on Enrollment of Non-Emergency Ground Ambulance Suppliers in Texas, 82 Fed. Reg. 51,274 (Nov. 3, 2014).
 Medicare Program; Revisions to Payment Policies Under the Physician Fee Schedule and Other Revisions to Part B for CY 2019; Medicare Shared Savings Program Requirements; Quality Payment Program; and Medicaid Promoting Interoperability Program, 83 Fed. Reg. 35,704 (July 27, 2018), available at https://www.federalregister.gov/documents/2018/07/27/2018-14985/medicare-program-revisions-to-payment-policies-under-the-physician-fee-schedule-and-other-revisions.
Dear Health Law Section Members:
The Health Law Section (“HLS”) website has been updated with June through July 2018 articles on significant developments in the health law arena that may be of interest to you in your practice. These summaries are presented to HLS members for general information only and do not constitute legal advice from The Florida Bar or its Health Law Section. HLS thanks the following volunteers who have generously donated their time to prepare these summaries for our members:
Patricia Calhoun, Esq., Carlton Fields
Jocelyn E. Ezratty, Esq., Di Pietro Partners, LLP
Angelina Gonzalez, Esq., Panza, Maurer & Maynard, P.A.
Jan J. Gorrie, Esq., Of Counsel, Panza, Maurer & Maynard, P.A.
Zachary Merson, Esq., Availity, LLC
Kathleen M. Premo, Esq. & Kevin J. Malone, Esq., Epstein Becker Green, PC
Anushree (“Anu”) Sagi-Nakkana, Esq., ASN Law Firm
Marguerita Brunson Sims, Esq., Carlton Fields
Jamie Gelfman, Esq., Nelson Mullins Broad and Cassel, HLS Editor in Chief
Trish Huie, Esq., Patricia A. Huie, PLLC, HLS Team Editor
Ashley Brevda, Oncology Analytics, Inc., HLS Team Editor
ADMINISTRATIVE LAW UPDATES
Proof of Self-Defense is Insufficient to Defeat Unprofessional Conduct Claim in Board of Nursing Disciplinary Action
Section 464.018(1)(h), Florida Statutes (2018), states that a Florida-licensed nurse can be disciplined for engaging in “[u]nprofessional conduct, as defined by board rule.” The Board of Nursing (“Board”) has defined unprofessional conduct to include “[u]sing force against a patient, striking a patient, or throwing objects at a patient[.]” However, an important question was recently raised in Department of Health, Board of Nursing v. McGee as to whether a nurse who uses force against a patient in an act of self-defense can be sanctioned by the Board. The Administrative Law Judge (“ALJ”) in McGee held that disciplining the nurse in that circumstance is appropriate.
In McGee, the Respondent was a certified nursing assistant (“CNA”) who practiced in that profession for approximately 30 years. The Respondent worked at various healthcare settings throughout his career, including a New York prison psychiatric ward, hospitals, and drug and alcohol treatment centers. Aside from the incident at issue in McGee, the Respondent had never been subject to any disciplinary proceedings related to his CNA license.
In February 2017, while working at a drug and alcohol treatment center, the Respondent was confronted by an agitated patient that was “belligerent, spewing vulgar and racist epithets, and generally creating a scene.” The exchange was captured on a surveillance video. Right before the exchange with the Respondent, the patient is seen in the video springing from the bench he was sitting on in the recreation area, stripping off his jacket, and walking quickly towards the building. The patient’s posture in the video is described by the ALJ in the Recommended Order as “agitated and aggressive, with chest-thumping followed by outstretched arms.” At the same time, the Respondent can be seen in the video footage approaching the patient calmly and in a non-threatening manner. The Respondent approached the patient “in an effort to de-escalate the situation, and to move away from the other nearby patients to minimize the possibility of their involvement.” This was consistent with the de-escalation training the Respondent had received throughout his career. As the Respondent approached the patient, the patient turned to the Respondent, with fists clenched, insulted the Respondent by using a racial slur, and then feigned a blow towards the Respondent. In response, the Respondent struck the patient several times in rapid succession in what the ALJ described as “a reflexive act of self-preservation.” This act was the basis for the administrative complaint filed against the Respondent.
In reviewing this matter, the ALJ made several findings that the Respondent was acting in self-defense due to the Respondent’s “legitimate fear and anticipation of assault.” However, the plain meaning of the statute and the rule does not contain an exception for actions taken in self-defense. Accordingly, the ALJ held that the Respondent, although acting in self-defense, engaged in sanctionable, unprofessional conduct. The ALJ stated that, based on Florida precedent, “[p]enal statutes must be construed in terms of their literal meaning, and words used by the Legislature may not be expanded to broaden the application of such statutes.” As such, whether the Respondent’s action was defensive and reactive bears, instead, on “the severity of the appropriate penalty within the range established in the penalty guidelines.”
The ALJ in this matter ultimately held that “[t]he circumstances of this case, as set forth herein, clearly call for a penalty less than the maximum” and, therefore, recommended that the Respondent complete one year of probation, pay a fine of $50, and pay the costs related to the investigation and prosecution of this matter. Notably, however, a Final Order has not yet been issued by the Board of Nursing; as such, it is unknown whether the ALJ’s findings and ultimate holding will be upheld in the Final Order.
Submitted by: Angelina Gonzalez, Esq., Panza, Maurer & Maynard, P.A.
Changes Expected to Come to the Stark Law as CMS Seeks Public Input
On June 25, 2018, the Centers for Medicare & Medicaid Services (“CMS”) published a Request for Information (“RFI”) about the physician self-referral laws, otherwise known as the Stark Law
 The Stark Law was originally enacted in 1989 and named after Pete Stark, the California Congressman who proposed the law. The Stark Law seeks to prevent physicians from obtaining wrongful compensation in exchange for patient referrals to either themselves or to entities in which the physicians or their immediate family members have a financial interest. Since its inception, the Stark Law has changed dramatically into a complex framework of extensively defined legal terms with various exceptions.
This RFI comes at an integral time for CMS, which has been encouraging “value-based health care” over the previous “volume-based health care” system. A value-based system is intended to encourage provider relationships and collaboration to effectively coordinate quality care with better results, rather than to encourage a higher quantity of health care treatments. However, the Stark Law does not fit neatly into the new value-based system model.
Seema Verma, CMS Administrator, explained that the Stark Law needs to change to reduce the high regulatory burdens placed on providers. In fact, CMS identified Stark Law compliance as one of the top areas of regulatory burdens placed on providers.
In the American Medical Association’s (“AMA”) March 2018 congressional statement, the AMA called the Stark Law and the federal Anti-Kickback Statutes “outdated” and stated that they “stand in the way of achieving the goals of the new payment systems.” Recognizing the conflicts between the new health care model and these laws, the AMA asked Congress to create new exceptions that are “designed to foster collaboration in the delivery of health care and incentivize and reward efficiencies and improvement in care.” The AMA also asked Congress to limit the Stark Law’s application only to ownership arrangements instead of all arrangements implicating financial interests.
The public is invited to provide additional insight into how the Stark Law should be changed to better accomplish its anti-fraud and abuse goals, while also supporting a value-based health care system. Specifically, CMS is requesting comments on how to create a new Stark Law exception that encourages value-based care and re-defines certain key terms such as “fair market value.” CMS is also asking the public for opinions on the practicality of the already existing Stark Law exceptions. This public comment period is open through August 24, 2018.
While the current Stark Law largely depends on prohibiting compensation based on high volumes of patient referrals and business generated through provider relationships, it is expected that CMS will create a new exception that focuses on fostering such provider relationships. Should this new exception be enacted, providers may have more opportunities to structure compensation arrangements beyond the current exceptions.
Submitted by: Jocelyn E. Ezratty, Esq., Di Pietro Partners, LLP
Emergency Doctors Sue Anthem in Federal Court for Restrictive Emergency Room Policy
On July 17, 2018, American College of Emergency Physicians and the Medical Association of Georgia filed a lawsuit against Anthem Blue Cross and Blue Shield of Georgia (“Anthem”) on behalf of emergency physicians to force the health insurer to rescind its current policies that allow it to deny coverage of emergency room care when certain diagnoses are resolutely indicated.
The lawsuit, filed in the United States (“U.S.”) District Court in Atlanta, suit alleges that Anthem’s current policies cause both providers and patients to operate in fear of denial of payment of essential and needed emergency patient care in violation of the Emergency Medical Treatment and Active Labor Act of 1986 (“EMTALA”),  the Patient Protection and Affordable Care Act (“ACA”), the Employee Retirement Income Security Act of 1974 (“ERISA”), and the Civil Rights Act of 1964.
Anthem, based in Indianapolis, is the second-largest health insurer in the U.S., operating in 14 states with approximately 40 million health insurance members and $3.8 billion in net income. The company first introduced its “avoidable ER program” policy in 2015 in Kentucky, and expanded the policy to insurance markets within Georgia, Missouri, Indiana, Ohio, and New Hampshire. The policy’s goal is to reduce the patient trend and subsequent behavior of going to a hospital emergency department for what results in non-emergency care that may cost up to 10 times more than the amount of urgent care.
Under the policy, Anthem may retroactively deny payment for emergency care and treatment in more than 120 distinct situations where patients were determined post-treatment not to have suffered from an “emergency” condition. Conditions that may seem emergent to a patient but may warrant claims rejections under the policy include bronchitis, contusions, sprains, and low back pain, among others. In this case, the plaintiffs allege that patients and emergency room physicians, who are often independent contractors, risk receiving large emergency room bills because they will be denied payment for care rendered or received pursuant to Anthem’s policy.
Under EMTALA, also known as the “anti-dumping law,” hospitals are required to medically screen and stabilize any patient that presents at an emergency department regardless of the patient’s ability to pay. Given the additional cost of such emergency care, insurers began requiring that patients obtain pre-authorization prior to receiving payment for care to help reduce costs. This practice, in turn, prompted a revision under EMTALA, enacted under Balanced Budget Act of 1997, called the “prudent layperson” standard which extended to all Medicare and Medicaid plans. Similarly, 47 states enacted statutes enforcing the prudent layperson standard.
The standard revised what constitutes an emergency medical condition. Generally, the prudent layperson standard states that an emergency medical condition is any condition that would require a person of typical or average knowledge of health and medicine to believe the condition constitutes an emergency, i.e., could result in serious patient jeopardy, serious impairment to bodily function, or serious dysfunction to a bodily part. In 2010, the standard was extended to all health plans under the ACA. Subsequently, under this standard, payment for emergency care by an insurer is based on the prudent layperson standard.
After pressure from patients and physicians, in February 2018, Anthem outlined criteria that would allow for exceptions to the policy for when certain care would be provided, including when patients travel out of state or if specifically directed to go to the emergency room by a provider. However, the basic tenets of the policy remained in place.
A month later, in March 2018, Senators Clair McCaskill (D-MO) and Ben Cardin (D-MD) sent a letter to the U.S. Department of Health and Human Services and the U.S. Department of Labor to ask that the agencies investigate the payment denials by Anthem and the likely violations of federal law. The Senators’ letter stated that Anthem forces patients to act as medical professionals while experiencing an “urgent medical event.”
Healthcare providers, insurers, regulators and patients should closely monitor this case as the decision will significantly impact similar insurance company policies throughout the country that restrict payment for emergency room care and consequential treatment.
Submitted by: Marguerita Brunson Sims, Esq., Carlton Fields
Expansion of Medicare Advantage Supplemental Benefits A New World of Opportunities for Providers
Hospitals, health systems, provider groups, and residential and community-based long-term care providers (“Providers”) should revisit their relationships with Medicare Advantage plans (“MA Plans”) in light of recent federal legislative and regulatory developments in the rules related to Medicare Advantage (“MA”) supplemental benefits. In particular, Providers should consider how they can partner with MA Plans operating in the Florida market to jointly offer new categories of supplemental benefits, including offering new types of support services for people with chronic conditions and services targeting populations with certain diagnoses.
The Centers for Medicare & Medicaid Services (“CMS”) recently finalized MA regulatory changes (“Final Rule”) that allow MA Plans to offer “targeted” supplemental benefits that are medically related to a specific disease condition, provided the Plan continues to comply with the non-discrimination requirements. MA Plans are now allowed to determine which diagnoses or health conditions they choose to offer these targeted benefits and they may vary them at the county-level. Under the Final Rule, MA Plans also are expressly allowed to have different cost sharing for benefits covered by specific providers. It will be important for MA Plans to identify in their bids and in their Evidence of Coverage documents which supplemental benefits are offered as “standard” or “targeted” supplemental benefits.
The Bipartisan Budget Act of 2018 further expands the changes from the Final Rule to allow for supplemental benefits targeting beneficiaries with specific chronic conditions. The biggest change from the Bipartisan Budget Act of 2018 is that these chronic-condition-targeted supplemental benefits do not need to be expressly health related, provided that the services “have a reasonable expectation of improving or maintaining the health or overall function of the chronically ill enrollee.” This is a new exception to the long-standing medical necessity rules for MA and allows MA Plans to design supplemental benefits that address social determinants of health and in some cases, appear more like traditional, long-term care services.
Implications for Providers:
The new flexibility in the scope and design of supplemental benefits offers providers new business opportunities to offer a full spectrum of newly reimbursable services. The new supplemental benefit rules will create new streams of funding for services targeting high-risk populations and for non-medical services that can help reduce unnecessary utilization. In addition, because supplemental benefits are not subject to network adequacy requirements, they can be covered through a single provider. This allows for a new focus on “single source” care where plan members may seek care from a provider for all their services, supplemental and otherwise.
MA Plans are interested in partnering with sophisticated providers for the supplemental benefit offerings. Providers should consider the populations they currently serve or can serve and explore which supplemental service offerings best align with their care model and competencies. Providers should then take a proposal to the MA Plans in their region. Although MA Plans will not be able to implement the new supplemental benefits created by the Bipartisan Budget Act of 2018 until plan year 2020, MA Plans will be submitting bids defining these services in less than a year. Considering the timeline for implementing projects like this, Providers should immediately begin assessing the potential for their market and work with experienced MA counsel to begin discussions with MA Plans as soon as possible.
Submitted by: Kathleen M. Premo, Esq. & Kevin J. Malone, Esq., Epstein Becker Green, PC
Health-Related Laws with an Effective Date of July 1, 2018
The following provides an overview of health legislation passed during the 2018 Legislative Session with an effective date of July 1, 2018. The bills are presented alphabetically by subject. The summary information is not intended to be an exhaustive legal review but is intended to provide you with sufficient background to know whether it merits further review by you or your clients. For those who represent facilities, please note the comprehensive Agency for Health Care Administration (“AHCA”) Bill (SB 622) and for those representing physicians, the bill addressing controlled substance prescribing is a must read (HB 21). Additional information (bill language, amendments, and staff analyses) can be found on the Florida Senate and Florida House of Representatives websites – www.flsenate.gov and www.myfloridahouse.gov, respectively.
HB 283 was approved by the Governor on March 23, 2018, Chapter 2018-90, Laws of Florida. The bill modifies Section 408.0561, Florida Statutes, to grant an exception from volume requirements for diagnostic cardiac catheterization procedures and ischemic heart disease diagnoses for certain hospitals providing adult cardiovascular services.
The bill expands the type of patients that may be counted to meet the minimum volume threshold for treatment of ischemic heart disease by counting all patients with ischemic heart disease rather than only inpatients. The Lower Keys Medical Center in Key West is the only diagnostic cardiac catheterization program qualifying for this exception.
HB 21 was approved by the Governor on March 19, 2018, Chapter 2018-13, Laws of Florida. The bill is intended to address Florida’s opioid abuse crisis by expanding the use of the Prescription Drug Monitoring Program (“PDMP”), increasing regulation of prescribers and dispensers, amending criminal laws, and making appropriations. Specifically, the bill:
Limits the prescription for a Schedule II opioid to alleviate “acute pain” to a three-day supply.
A seven-day supply may be prescribed if deemed medically necessary by the prescriber as indicated and documented in the patient’s record as “acute pain exception” on the prescription, and must concurrently prescribe an emergency opioid antagonist, as defined in statute.
“Acute pain” expressly excludes pain related to cancer, terminal illness, palliative care and serious traumatic injury with an injury severity score of 9 or greater.
A health care practitioner is required to review a patient's PDMP history prior to prescribing or dispensing a controlled substance, with exemptions.
A prescribing practitioner who is approved to provide medically assisted treatment for opioid addiction is authorized to dispense Schedule II and III substances for such purpose.
Requires all practitioners authorized to prescribe controlled substances to take two hours of education credits through courses offered by the Florida Medical Association or the Florida Osteopathic Medical Association by January 1, 2019.
Requires the regulatory boards within the Department of Health (“DOH”) to adopt rules establishing guidelines for prescribing controlled substances for acute pain.
Requires all pain management clinics that claim an exemption from statutory registration requirements to obtain a certificate of exemption by January 1, 2019.
Requires dispensers to report certain Schedule V drugs to the PDMP, in addition to the current reporting requirement for Schedule II through IV drugs.
Authorizes certain federal employees who prescribe or dispense controlled substances to have direct access to the PDMP and authorizes indirect access to the PDMP for district medical examiners under certain conditions.
Authorizes DOH to exchange PDMP data with other states if certain conditions are met, and authorizes the PDMP to interface with electronic health record systems.
Aligns the state schedule of drugs with the federal schedule of drugs.
Makes it a crime to possess, purchase, deliver, or sell a tableting machine, encapsulating machine, or controlled substance counterfeiting material for illegally manufacturing controlled substances; and
Increases the level of offense for health care practitioners who inappropriately prescribe controlled substances from a third-degree felony to a second-degree felony.
For Fiscal Year 2018 through 2019, the bill appropriates $27,035,532.00 in nonrecurring funds from the Federal Grants Trust Fund for substance abuse treatment, recovery, and outreach services; $26,500,000.00 in recurring funds from the General Revenue Fund for substance abuse treatment, outreach services, and upgrades to the PDMP; and $117,700.00 in nonrecurring funds from the General Revenue Fund for upgrades to the PDMP.
Direct Primary Care Agreements
HB 37 was approved by the Governor on March 23, 2018, Chapter 2018-89, Laws of Florida. The bill creates Section 624.27, Florida Statutes, which exempts direct primary care (“DPC”) agreements and DPC providers from regulation under the Florida Insurance Code and imposes basic requirements for such agreements.
DPC is a primary care medical practice model that eliminates third-party payers from the primary care provider-patient relationship. Through a contractual agreement, a patient pays a monthly fee, usually between $25.00 and $100.00 per individual, to the primary care provider for defined primary care services, which may also include routine preventative services, women's health services, pediatric care, urgent care, wellness education, chronic disease management, and home visits. The Florida Office of Insurance Regulation does not currently regulate DPC agreements.
Distribution of Pharmaceutical Drugs and Devices
HB 513 was approved by the Governor on March 21, 2018, Chapter 2018-50, Laws of Florida. The bill modifies Section 465.027, Florida Statutes, to exempt third-party logistics providers who distribute dialysate, drugs, or devices necessary to perform home renal dialysis on patients with chronic kidney failure from pharmacy permitting requirements. The bill also removes the requirement that a manufacturer or its agent be engaged solely in the manufacture or distribution of dialysate, drugs, or devices necessary to perform home renal dialysis on patients with chronic kidney failure to qualify for the exemption.
Third-party logistics providers hold permits issued by the Department of Business and Professional Regulation (“DBPR”) to provide supply chain logistics services and transportation for prescription drug manufacturers and distributors. Third-party logistics providers that distribute dialysate, drugs, or devices necessary to perform home renal dialysis on patients with chronic kidney failure must also hold a Special Pharmacy – End Stage Renal Dialysis (“ESRD”) permit from the Board of Pharmacy within the Department of Health (“DOH”).
Section 465.027(2), Florida Statutes, provides an exemption from pharmacy permitting requirements, including ESRD permits, for a manufacturer, or its agent, licensed by DBPR, engaged solely in manufacturing or distributing dialysate, drugs, or devices necessary to perform home renal dialysis on patients with chronic kidney failure.
Donation and Transfer of Human Tissue
HB 429 was approved by the Governor on March 19, 2018, Chapter 2018-36, Laws of Florida. The bill amends Section 381.0041, Florida Statutes, to require the Department of Health (“DOH”) to develop an educational pamphlet to include specified information relating to risks and benefits of human cells, tissue, and cellular and tissue-based product transplants. The pamphlet must, at a minimum, include:
an overview of the risk of infectious disease transmission;
an overview of the standards for donor testing and screening;
an overview of processing methods intended to reduce the risk of disease or bacterial transmission in donated human cells, tissue, or cellular or tissue-based products;
the importance of providing limited recipient transplant information to the supplier of the human cells, tissue, or cellular or tissue-based product; and
information about the generosity of the human donor who provided the human cells, tissue, or cellular or tissue-based product.
Once published, DOH is required to electronically notify physicians of the availability of this pamphlet.
Health Care Facility Regulation
HB 622 was approved by the Governor on March 19, 2018, Chapter 2018-24, Laws of Florida. The bill clarifies existing licensure and enforcement requirements, amends certain provisions to eliminate conflict between Part I of Chapter 395, Florida Statutes, Chapter 400, Florida Statutes, and Part II of Chapter 408, Florida Statutes, increases administrative efficiency at the Agency for Health Care Administration (“AHCA”), and repeals redundant or obsolete statutes.
Specifically, the bill:
repeals the licensure requirements for clinical laboratories;
repeals the health care risk manager licensure requirements and the Health Care Risk Manager Advisory Council;
strengthens AHCA's enforcement capabilities for unlicensed assisted living facilities (“ALFs”);
defines the assistance an ALF must provide a resident under the Resident Bill of Rights;
repeals the Subscriber Assistance Program, which resolves disputes between health maintenance organizations and subscribers;
repeals the licensure requirements for mobile surgical facilities;
repeals obsolete special designations of rural hospitals;
eliminates conflicts and duplicative provisions between Part II of Chapter 408, Florida Statutes, and authorizing statutes;
repeals the inactive Statewide Managed Care Ombudsman Committee;
removes language that prevents nurse registries from marketing their services;
excludes individuals from employment with licensees if they have a pending domestic violence offense and excludes providers from participation in the Medicaid program for criminal offenses including offenses related to the provision of health care services, fraud, and controlled substances;
establishes requirements for pediatric cardiac programs;
revises requirements for qualifications for adult cardiac service providers;
establishes the authority of a county with a public health trust over the trust's facility; and
makes necessary conforming changes throughout the statutes to reflect the changes proposed in the bill.
Regarding clinical laboratories, the Centers for Medicare & Medicaid Services (“CMS”) regulates all laboratory testing (except research) performed on humans in the United States through the Clinical Laboratory Improvement Amendments (“CLIA”). Facilities that provide clinical laboratory services are required to be certified by the CMS CLIA laboratory certification program, which operates in conjunction with the Food and Drug Administration (“FDA”) and the Centers for Disease Control and Prevention (“CDC”). Certain laboratories may qualify as a waived testing laboratory and receive a CLIA Certificate of Waiver.
Additionally, SB 622 makes the following changes:
Section 91 amends Section 456.054, Florida Statutes, which contains general provisions for healthcare practitioners, to incorporate the clinical laboratory anti-kickback prohibition that was once present in Section 483.245, Florida Statutes, which has been repealed.
Section 97 repeals Part I of Chapter 483, Florida Statutes, relating to the licensure and regulation of clinical laboratories by AHCA. Laboratories will continue to be certified by, or receive a certificate of waiver from, the CMS under the CLIA, as explained above. Included within the repeal is a requirement that laboratory results must be reported directly to the licensed practitioner or other authorized person who requested it, and the authorization for a laboratory to disclose the results without a patient’s consent to other health care practitioners and providers involved in the care or treatment of the patient as specified in Section 456.057(7)(a), Florida Statutes.
Section 99 amends Section 483.801, Florida Statutes, to exempt from licensure persons engaged in testing performed by laboratories that are wholly owned and operated by one or more practitioners who are licensed under Florida law as allopathic or osteopathic physicians, chiropractors, podiatrists, optometrists, or dentists and who practice in the same group practice, and in which no clinical laboratory work is performed for patients referred by a health care provider who is not a member of the same group.
Insurance Code Exemption for Nonprofit Religious Organizations
SB 660 was approved by the Governor on March 19, 2018, Chapter 2018-25, Laws of Florida. The bill amends Section 624.1265, Florida Statutes, which governs nonprofit religious organizations that provide health care cost sharing services. It removes the requirement that participants adhere to the same religion, instead allowing participation by individuals "who share a common set of ethical or religious beliefs," which aligns with the federal Patient Protection and Affordable Care Act.
The bill requires nonprofit religious organizations that provide health care sharing services to specify contribution amounts to prospective participants and to report monthly to participants the amount of qualified needs funded in the previous month in accordance with criteria set by the organization. The bill requires these organizations to coordinate an annual audit with an independent certified public accounting firm.
The bill also modifies the standard disclaimer that must be provided by nonprofit religious organizations to prospective participants. The disclaimer indicates that these organizations are not insurers and are exempt from the Florida Insurance Code.
HB 735 was approved by the Governor on March 21, 2018, Chapter 2018-59, Laws of Florida. The bill creates Section 381.933, Florida Statutes.
The federal Mammography Quality Standards Act requires mammogram facilities to send each patient a summary of the mammogram report written in lay terms within 30 days of the mammographic examination. The bill codifies the federal requirement that each facility that performs mammography send a summary of a patient's mammography report to each patient. In addition to the federal requirements, if the patient has dense breasts, the bill requires the summary of the mammography report to also include a notice to the patient that the mammogram shows that the patient's breast tissue is dense, which makes it more difficult to detect some abnormalities in the breast and may also be associated with increased risk of breast cancer. However, the bill repeals this statutory requirement effective June 30, 2023.
HB 1373 was approved by the Governor on March 23, 2018, Chapter 2018-107, Laws of Florida. The bill modifies Section 393.506, Florida Statutes, which allows trained but unlicensed personnel to provide or supervise eight routes of medication administration (enteral, inhaled, ophthalmic, oral, otic, rectal, topical, and transdermal) to clients.
The bill revises the training and validation requirements for unlicensed personnel to administer or supervise self-administration of medication in Agency for Persons with Disabilities (“APD”) facilities by:
increasing the length of the initial training course from four to six hours;
adding an annual requirement of two hours of in-service training in medication administration and error prevention, which can count towards existing in-service training requirements;
eliminating the annual revalidation requirement for otic, transdermal, and topical routes of medication administration;
requiring initial validation by simulation during the initial training course rather than on an actual client for otic, transdermal, and topical routes of medication administration;
grandfathering certain unlicensed personnel already trained and validated to administer medication; and
requiring retraining for certain unlicensed personnel who lapse in their training requirements.
Currently, only a registered nurse or physician may train and validate unlicensed personnel. The bill allows a licensed practical nurse to train and validate unlicensed personnel. The bill grants the APD rulemaking authority to establish qualification requirements for trainers and enforce the provisions of Section 393.506, Florida Statutes.
HB 1137 was approved by the Governor on March 23, 2018, Chapter 2018-106, Laws of Florida. The bill amends multiple chapters of the Florida Statutes to update nursing qualifications. The bill changes the term "advanced registered nurse practitioner" to "advanced practice registered nurse" (“APRN”) throughout Florida Statutes. This conforms Florida laws to those in a majority of states.
Advanced registered nurse practitioners (“ARNPs”) are licensed registered nurses with post-graduate education in nursing that prepares them to perform advanced or specialized nursing. ARNPs may perform nursing acts, or medical acts authorized by a written protocol with a physician. A clinical nurse specialist (“CNS”) is trained in a specialized area, such as a certain population, setting, or disease state. Both ARNPs and CNSs receive advanced training; however, the two professions require separate certifications.
The bill repeals the separate certification for a CNS and instead incorporates CNS into the category of APRN. The bill retains the current scope of practice of a CNS but requires a CNS to practice pursuant to a written protocol with a physician.
Currently, APRNs are licensed as registered nurses and then certified as APRNs. The bill authorizes the Department of Health (“DOH”) to license, rather than certify, APRNs as such. The bill also adds the category of "certified nurse practitioner" to APRN, which is comprised of the same group of licensees who are currently termed "nurse practitioners."
The bill requires DOH and the Board of Nursing to develop a transition plan to convert the certifications that ARNPs and CNSs currently hold to licenses as APRNs. The bill authorizes currently certified ARNPs and CNSs to continue practicing under such certifications until DOH and the Board of Nursing complete the transition from certification to licensure.
Perinatal Mental Health
HB 937 was approved by the Governor on March 23, 2018, Chapter 2018-98, Laws of Florida. The bill creates Section 383.314, Florida Statutes, and amends Section 383.318, Florida Statutes. The bill requires the Department of Health (“DOH”) to provide perinatal mental health information through its Family Health Line toll-free hotline. The bill requires the hotline to provide basic information on postpartum depression and authorizes hotline operators to recommend that a caller be further evaluated by a qualified health care provider or refer a caller to an appropriate health care provider in the caller's local area.
The bill requires birth centers to provide a mental health screening and information on postpartum depression, including the telephone number of the Family Health Line, as components of postpartum evaluation and follow-up care.
The bill appropriates $104,320.00 recurring General Revenue funds and $21,600.00 nonrecurring General Revenue funds to DOH to implement the provisions in the bill.
HB 675 was approved by the Governor on March 23, 2018, Chapter 2018-95, Laws of Florida. The bill amends multiple provisions in Chapters 465 and 499, Florida Statutes.
The Department of Health (“DOH”) issues three types of institutional pharmacy permits for every location in a hospital, clinic, nursing home, dispensary, sanitarium, extended care facility, or other facility where medicinal drugs are compounded, dispensed, stored, or sold. Institutional pharmacy permit holders must also obtain additional permits from the Department of Business and Professional Regulation (“DBPR”) to distribute drugs. Entities that operate multiple permitted institutional pharmacies must obtain permits from DBPR for each of its permitted locations.
Section 340B of the federal Public Health Services Act requires drug manufacturers to provide outpatient drugs to eligible health care organizations and covered entities, including certain types of hospitals, at significantly reduced prices to serve primarily low income and vulnerable populations.
The bill creates a Class III institutional pharmacy permit (“Class III permit”) for hospital-affiliated institutional pharmacies, including central distribution facilities, which provide the same services authorized by a Class II permit. The bill exempts Class III permit holders from obtaining additional permits from DBPR to distribute medical drugs or prepackaged drug products between certain entities under common control. The bill also exempts hospitals that participate in the Section 340B Drug Discount Program from obtaining a permit from DBPR when arranging for a prescription drug wholesale distributor to distribute prescription drugs covered by the Section 340B Drug Discount Program directly to its contract pharmacy.
Pregnancy Support and Wellness Services
HB 41 was approved by the Governor on March 19, 2018, Chapter 2018-29, Laws of Florida, and creates Section 381.96, Florida Statutes, thereby codifying the Florida Pregnancy Support Services Program (“FPSSP”) and defining program requirements.
The FPSSP was established by the budget through proviso in 2005 to provide pregnant women and their families supportive counseling and services that promote and encourage childbirth. Under contract with the Department of Health (“DOH”), the Florida Pregnancy Care Network, Inc., (“FPCN”), manages a network of pregnancy help centers that offer services such as pregnancy testing, counseling, education and training, and referrals to state, community, and medical resources.
The bill requires DOH to contract with FPCN to provide contract management services for the delivery of pregnancy support services to pregnant women and their families and wellness services to women, regardless of pregnancy. The contract must:
require FPCN to establish and manage subcontracts with a sufficient number of providers to ensure the availability of pregnancy support and wellness services for eligible clients;
limit the amount of funds that may be used for administration;
require all paid staff or volunteers of a provider to undergo a background screening if they provide direct services to minors, elderly individuals, or individuals who have a disability;
require FPCN to monitor its subcontractors annually, and establish sanctions for noncompliance;
require FPCN to only subcontract with providers that solely promote and support childbirth;
require informational materials provided to eligible clients be current and accurate, and the reference source of any medical statements made in such materials be made available to eligible clients; and
define the contract deliverables, including financial reports and other reports due to DOH.
The bill requires that any services provided under FPSSP be provided in a non-coercive manner and not include any religious content.
Prescription Drug Pricing Transparency
HB 351 was approved by the Governor on March 23, 2018, Chapter 2018-91, Laws of Florida. The bill amends Section 464.0244, Florida Statutes, repeals Section 465.1862, Florida Statutes, and creates Sections 624.490, 627.64741, 627.6572 and 641.314, Florida Statutes.
The bill requires pharmacy benefit managers (“PBMs”) that conduct business in Florida to register with the Florida Office of Insurance Regulation (“OIR”) by submitting identifying organizational information, an application, and a fee. The bill requires that a contract between a PBM and a health insurer or a health maintenance organization (“HMO”):
include prohibitions on certain practices that limit patient access to pricing information;
require the PBM to update maximum allowable cost pricing information at least once every seven days; and
limit patient cost sharing for a drug to the lesser of the applicable cost sharing amount or the retail price.
The bill authorizes OIR to enforce these requirements upon health insurers and HMOs that apply to contracts entered or renewed on or after July 1, 2018.
The bill also creates an affirmative duty for a pharmacist or authorized employee to communicate to a patient the availability of a lower cost, generically equivalent drug and whether the patient's cost-sharing obligation exceeds the retail price of a drug in the absence of prescription drug coverage.
Public Records/Public Guardians/Employees with Fiduciary Responsibility
SB 268 was approved by the Governor on March 19, 2018, Chapter 2018-16, Laws of Florida. The bill creates Section 744.21031, Florida Statutes, which creates a public records exemption for the identifying and location information of current and former public guardians, employees with fiduciary responsibilities, and their spouses and children. Additionally, the bill exempts the places of employment of spouses and children of these personnel and the names and locations of schools and day care facilities attended by the children of those persons. The bill requires any agency that is the custodian of the information specified above to maintain the exempt status of that information upon the written request of a current or former public guardian or employee with fiduciary responsibility.
Public guardians act on behalf of indigent incapacitated persons who are unable to manage their own affairs and lack family members, friends, other persons, banks, or corporations willing and qualified to serve as their guardians.
The bill provides for retroactive application of the public record exemption and includes a statement of public necessity as required by the Florida Constitution. The bill also requires repeal of the exemption on October 2, 2023, unless reviewed and saved from repeal through reenactment by the Legislature.
Submitted By: Jan J. Gorrie, Esq., Of Counsel, Panza, Maurer & Maynard, P.A.
Judge Rules OCR HIPAA Penalties of $4.3 Million Were Reasonable
The Department of Health and Human Services, Office of Civil Rights (“OCR”) investigated MD Anderson Cancer Center for three events that occurred between April 2012 and November 2013 involving the electronic protected health information (“ePHI”) of 33,500 patients. Each event involved the loss or theft of unencrypted devices. At the close of the investigation, the OCR recommended a civil monetary penalty of $4,348,000.00. MD Anderson disagreed with the decision and filed an appeal.
MD Anderson argued that it was not required to encrypt its devices because the ePHI at issue was for research and therefore not subject to HIPAA nondisclosure requirements, the loss of an unencrypted device is not a disclosure unless someone views the data, it should not be liable for its employees who are not following policies, and that the penalties imposed against it were unreasonable. Both parties moved for summary judgment and on June 1, 2018, the Administrative Law Judge granted the OCR’s motion for summary judgment finding that:
MD Anderson was required to encrypt its devices because it had recognized that encryption was necessary to protect ePHI as early as 2006 and had instituted polices requiring encryption.
The loss or theft of an unencrypted device is a “disclosure.”
The argument that HIPAA does not apply because the information was for research was without merit.
The fact that employees may not have been following policy does not put their actions outside the scope of employment.
The penalties were reasonable.
The OCR and the judge agreed that MD Anderson’s violations met the “reasonable cause” or second tier of penalties. “Reasonable cause” is defined at 45 C.F.R. § 160.401 to mean “an act or omission in which a covered entity or business associate knew, or by exercising reasonable diligence would have known, that the act or omission violated an administrative simplification provision, but in which the covered entity or business associate did not act with willful neglect.”
The second tier allows penalties ranging from $1,000.00 to $50,000.00 for each violation with a cap of $1,500,000.00 for identical violations committed during a calendar year. The OCR argued that each day that MD Anderson failed to encrypt ePHI was a separate violation and sought to impose $2,000.00 per day per penalty for the period from March 24, 2011 until January 26, 2013, and the maximum of $1,500,000.00 per year to remedy the loss of ePHI for 31,000 individuals in 2012 and more than 35,000 individuals in 2013.
The judge agreed and held that MD Anderson was noncompliant on each day of the period at issue and that the penalties were reasonable given the level of MD Anderson’s culpability. The judge also noted that it was reasonable to count the loss of ePHI for each affected individual as a separate violation. Finally, the judge denied MD Anderson’s arguments that the penalties were excessive, noting “[w]hat is most striking about this case is that Respondent knew for more than five years that its patients’ ePHI was vulnerable to loss and theft and yet, it consistently failed to implement the very measures that it had identified as being necessary to protect that information.”
Submitted by: Patricia Calhoun, Esq., Carlton Fields
OCR Issues New Interim Guidance on Sufficient Descriptions of a Use or Disclosure of PHI for Future Research Authorizations under HIPAA
In June 2018, the Secretary of the Department of Health and Human Services, Office for Civil Rights (“OCR”) issued new Guidance related to streamlining authorization under HIPAA for uses and disclosures of protected health information (“PHI”) for future research. The Privacy Rule (45 C.F.R. Part 160 and Subparts A and E of Part 164) allows covered entities and business associates to use and disclose PHI only as permitted or required by the Privacy Rule or as authorized by an individual. Although exceptions exist allowing the limited use and disclosure of PHI for research without an individual’s authorization, the recent Guidance focused on situations in which an entity is required to obtain an authorization from an individual to use and disclose the individual’s PHI for future research purposes. OCR states that a description of future research purposes is compliant with 45 C.F.R. § 164.508(c)(1)(iv) “if the description sufficiently describes the purposes such that it would be reasonable for the individual to expect that the protected health information could be used or disclosed for such future research.” However, it is important to note that OCR qualified the above-mentioned statement as “Interim Guidance” and is currently seeking additional insight and input on the question of “what constitutes a sufficient description such that it would be reasonable for the individual to expect that the PHI could be used or disclosed for such research.” The Guidance also provided clarification on expiration of authorizations for future research and the right to revoke authorizations.
Submitted by: Zachary Merson, Esq., Availity, LLC
The State of the Dental Market
It is estimated that the market for dental services is approximately $123 billion dollars. Over the past three to five years, patients over the age of 65 have significantly utilized more dental services than patients under the age of 65. The increased demand for dental services, combined with the reduced risk related to reimbursement for dental services, has spiked interest and activity in the dental market by private equity and strategic investors.
According to one report, dental support organizations (“DSO”) only own 16% of total practices in the United States which makes the potential for growth a perfect fit for private equity. There are many dental transactions (further detailed in the article cited herein) and those buyers use either a dental practice management model (“DPM”) or a DSO model. The DPM model allows private equity to invest in a dental management company without investing in the dental practice by providing all of the administrative services without billing and collections (except for claims). This also makes it an attractive model for practitioners.
Examples of private equity and strategic investments are further described in the article and include Heartland Clinic, Smile Doctors and Dental Partners (Melbourne, Florida based). Finally, there are numerous regulatory considerations involved in any dental transaction including corporate practice of dentistry, compliance and ancillary services that must be carefully navigated. However, there is a strong suggestion that opportunities for consolidation exist for investors willing to navigate those regulatory challenges.
Submitted By: Anushree (“Anu”) Sagi-Nakkana, Esq., ASN Law Firm
 Fla. Admin. Code r. 64B9-8.005(13).
 No. 18-000504PL (Fla. DOAH May 25, 2018) (Recommended Order).
 Id. at 7.
 Id. at 8.
 Id. at 9.
 Id. at 12.
 Id. at 14.
 Id. at 17-18.
 “Medicare Program; Request for Information Regarding Physician Self-Referral Law (Proposed Rule),” 83 Fed. Reg. 29524 (June 25, 2018).
 42 U.S.C. § 1395nn.
 “CMS seeks public input on reducing regulatory burdens of the Stark Law,” CMS.gov (June 20, 2018), available at https://www.cms.gov/Newsroom/MediaReleaseDatabase/Press-releases/2018-Press-releases-items/2018-06-20-2.html.
 See “Statement of the American Hospital Association before the Subcommittee on Health of the Committee on Ways and Means of the U.S. House of Representatives,” AHA.org, (Mar. 21, 2018), available at https://www.aha.org/system/files/2018-03/180321-macra-statement-house-ways-means.pdf.
 See Complaint & Demand for Jury Trial, Am. College of Emerg. Physicians & Med. Assoc. of Ga. v. Blue Cross & Blue Shield of Ga. & Anthem Ins., Inc., No. 1:18-cv-03414-MLB, 2018 WL 3453477 (N.D. Ga, July 17, 2018).
 42 U.S.C. § 1395dd.
 Id. § 18166, et seq.
 29 U.S.C. § 1132(a)(1)(B), et seq.
 42 U.S.C. § 2000D, et seq.
 Regulatory changes include: “Medicare Program; Contract Year 2019 Policy and Technical Changes to the Medicare Advantage, Medicare Cost Plan, Medicare Fee-for-Service, the Medicare Prescription Drug Benefit Programs, and the PACE Program Final Rule (83 FR 16440),” available at: https://s3.amazonaws.com/public-inspection.federalregister.gov/2018-07179.pdf; and the “Announcement of Calendar Year 2019 MA Capitation Rates and MA/PD Payment Policies and Final Call Letter,” available at: https://www.cms.gov/Medicare/Health-Plans/MedicareAdvtgSpecRateStats/Downloads/Announcement2019.pdf. The important legislative change was enacted through the Bipartisan Budget Act of 2018 (H.R. 1892), available at: https://www.congress.gov/bill/115th-congress/house-bill/1892/text.
 “Research” is defined in the Privacy Rule as “a systematic investigation, including research development, testing, and evaluation, designed to develop or contribute to generalizable knowledge.” 45 C.F.R. § 164.501.
 A copy of this Guidance is available at: https://www.hhs.gov/sites/default/files/hipaa-future-research-authorization-guidance-06122018%20v2.pdf.
 Kayla McCann Marty, An Insider’s View of the State of the Dental Market, Bender’s Health Care Law Monthly (Apr. 1, 2018).
Dear Health Law Section Members:
The Health Law Section (“HLS”) website has been updated with May through June 2018 articles on significant developments in the health law arena that may be of interest to you in your practice. These summaries are presented to HLS members for general information only and do not constitute legal advice from The Florida Bar or its Health Law Section. HLS thanks the following volunteers who have generously donated their time to prepare these summaries for our members:
Christian Pérez Font, Esq., Chief Compliance Officer, OPKO Health, Inc.
Angelina Gonzalez, Esq., Panza, Maurer & Maynard, P.A.
Erin J. Hoyle, Esq., Carlton Fields
Anne Kelley, J.D. Candidate, University of Florida Levin College of Law
Erica C. Mallon, Esq., Carlton Fields
Ben Assad Mirza, Esq., Master of Public Health and Administration Candidate, Yale University
Anushree (“Anu”) Sagi-Nakkana, Esq., ASN Law Firm
Timothy S. Wombles, Esq., Broad and Cassel, LLP
Jamie Gelfman, Esq., Broad and Cassel LLP, HLS Editor in Chief
Christian Pérez Font, Esq., OPKO Health, Inc., HLS Team Editor
Elizabeth Scarola, Esq., Carlton Fields Jorden Burt P.A., HLS Team Editor
Download a copy of the May-June 2018 Updates at the following links:
May 2018 HLS Updates (PDF)
May 2018 HLS Updates (DOCX)
The Health Law Section (“HLS”) website has been updated with January through April 2018 articles on significant developments in the health law arena that may be of interest to you in your practice. These summaries are presented to HLS members for general information only and do not constitute legal advice from The Florida Bar or its Health Law Section. HLS thanks the following volunteers who have generously donated their time to prepare these summaries for our members:
- Trish Calhoun, Esq., Carlton Fields
- Jocelyn Ezratty, Esq., Di Pietro Partners, LLP
- Christian Perez Font, Esq., Chief Compliance Officer, OPKO Health, Inc.
- Angelina Gonzalez, Esq., Panza, Maurer & Maynard, P.A.
- Jan Gorrie, Esq., Of Counsel, Panza, Maurer & Maynard, P.A.
- Caycee Hampton Esq., Carlton Fields
- Jeanne E. Helton, Esq., Smith, Hulsey & Busey
- Anne Kelley, J.D. Candidate, University of Florida
- Michael D. Lessne, Esq., Broad and Cassel, LLP
- Erica Mallon, Esq., Carlton Fields
- Juan Carlos (“JC”) Palacio, Esq., CHC, Associate Director, Health Information Privacy, Jackson Health System
- Danielle Scheer, MPH, CPH, J.D. Candidate, University of Florida
- Paul Thompson, Esq., MPH, Contract Attorney, Raymond James Financial, Inc.
- Timothy S. Wombles, Esq., Broad and Cassel, LLP
Jamie Gelfman, Esq., Broad and Cassel LLP, HLS Editor in Chief
Trish Huie, Esq., Patricia A. Huie, PLLC, HLS Team Editor
Ashley Brevda, Oncology Analytics, Inc., HLS Team Editor
Download the Updates at the Following Links
April 2018 HLS Updates DOCX
April 2018 HLS Updates PDF
ADMINISTRATIVE LAW UPDATES
Challenge to Florida Board of Optometry’s Authority
In November 2016, two out-of-state optometrists (“Petitioners”) challenged the Florida Board of Optometry’s authority to promulgate Rule 64B13-4.001(2), Florida Administrative Code (2015), requiring optometry licensure applicants in Florida to pass all four parts of the National Board of Examiners in Optometry’s (“NBEO”) examination within the seven-year period immediately preceding the filing of the licensure application. The Petitioners argued that the rule’s seven-year “look back” provision was invalid on multiple grounds.
 At the conclusion of the administrative hearing, Administrative Law Judge (“ALJ”) Lisa Shearer Nelson issued a Final Order holding that the “look back” provision in the rule was invalid. Yontz & Johnson v. Dep’t of Health, Bd. of Optometry, No. 16-6663RX, 2017 WL 1423480 (Fla. Div. Admin. Hrgs. Apr. 14, 2017) (Final Order). Notably, ALJ Shearer Nelson held that the Petitioners had “demonstrated that the look-back period in the Rule exceeds the Board’s grant of rulemaking authority” since “[t]he plain language of section 463.006(1) contemplates that in every case, the application for licensure would precede taking the examination.” Yontz, 2017 WL 1423480, at 31–32.
When the “look back” period in the Rule was invalidated it not only prevented out-of-state providers from using their existing NBEO exam scores to apply for licensure in Florida, but it also prevented any student within the United States applying for optometry licensure in Florida from using passing NBEO exam scores attained while completing optometry school. The Yontz decision and Section 463.006(1)(b)(2), Florida Statutes, prohibited students from sitting for licensure examination prior to graduation. This situation presented a significant problem for optometry students across the country who wished to apply for licensure in Florida since many optometry schools require students to take Parts I and, in some cases, Part II of the NBEO exam as a graduation requirement. Therefore, any student that had already taken and passed any part of the NBEO exam before applying for licensure would have to retake the examination after submitting his or her application. Although the Board of Optometry attempted to correct this situation, the explicit requirement that application for licensure precede examination prevented the Board from correcting this issue without legislative intervention.
During the 2018 legislative session, the Florida House of Representatives put forth a bill, H.B. 7059 (the “Bill”), that incorporates a three-year “look back” period into Section 463.006(3), Florida Statutes. The three-year “look-back” period allows students to submit passing scores attained while in optometry school as part of their licensure application provided they are within the requisite timeframe. Under the new licensure requirements, out-of-state practitioners are also allowed to submit NBEO exam scores that are up to three years old to complete their licensure applications in Florida. Both the House of Representatives and the Senate passed the Bill, which was signed by Governor Rick Scott on March 28, 2018 and took effect upon becoming a law.
Submitted by: Angelina Gonzalez, Esq., Panza, Maurer & Maynard, P.A
Fifth Circuit Reverses Dismissal of Complaint Seeking Injunction to Prevent Medicare Recoupment Prior to Conclusion of Administrative Appeal based on Violation of Procedural Due Process
On March 27, 2018, the Fifth Circuit Court of Appeals in Family Rehabilitation, Inc. v. Alex Azar, II, Sec. U.S. Dept. of Health & Human Services, No. 17-11337, 2018 WL 1478052, at *1 (5th Cir. Mar. 27, 2018), reversed the decision of a Northern Texas district court, thereby permitting a plaintiff home health agency to proceed with a complaint seeking a temporary restraining order and injunction against recoupment of more than $7.6 million in Medicare overpayments pending the completion of the plaintiff’s administrative appeal.
The district court had sua sponte dismissed the case for lack of subject matter jurisdiction because the plaintiff’s hearing before an Administrative Law Judge (“ALJ”) was pending and the plaintiff had accordingly not yet exhausted its administrative remedies. See 42 U.S.C. § 405(g) and (h). In reversing, the Fifth Circuit recognized that the plaintiff’s ultra vires claims and its claims based on the government’s violation of its procedural due process established jurisdiction under the “collateral-claim” exception to the channeling requirements of 42 U.S.C. § 405. Under the exception, first recognized in Mathews v. Eldridge, 424 U.S. 319 (1976), a court may have jurisdiction over claims (a) that are “entirely collateral” to a substantive agency decision and (b) for which full relief cannot be obtained at a post-deprivation hearing.
Since the plaintiff sought only to have recoupment suspended until a hearing, and because it raised claims that were unrelated to the merits of the recoupment, the Fifth Circuit determined that the plaintiff’s claims were collateral. Additionally, since the plaintiff alleged that it would go out of business if recoupment continued before the ALJ hearing, the Fifth Circuit determined that there would be irreparable injury to the plaintiff. Accordingly, the Fifth Circuit held that it had jurisdiction to hear the procedural due process and ultra vires claims. The Fifth Circuit dismissed two other avenues to jurisdiction sought by the plaintiff: first determining that there was no jurisdiction under 28 U.S.C. § 1331 because of futility, and second determining that there was no basis for mandamus jurisdiction because the plaintiff did not request that the government provide it with a timely ALJ hearing.
This case may leave the door open for healthcare providers/suppliers who may be put out of business by Medicare recoupment as they await a three- to five-year ALJ hearing through a constitutional procedural due process challenge and by seeking mandamus. The Eleventh Circuit, in In re Bayou Shores SNF, LLC, 828 F.3d 1297 (11th Cir. 2016), cert. denied sub nom. 137 S. Ct. 2214 (2017), held that the bankruptcy court lacked subject matter jurisdiction to enjoin the termination of the debtor skilled nursing facility’s provider agreement because the debtor had not exhausted its administrative remedies. However, the Eleventh Circuit did not consider the collateral claims exception and declined to consider mandamus jurisdiction. Seeking temporary relief and a timely ALJ hearing may be sufficient to impart jurisdiction on the district court while the healthcare business awaits adjudication through the administrative process that the Fifth Circuit in Family Rehabilitation described as a “harrowing labyrinth.”
Submitted by: Michael D. Lessne, Esq., Broad and Cassel, LLP
Consideration of Efficiencies in Antitrust Merger Analysis under § 7 of the Clayton Act
The core mission of antitrust law is to protect the consumers’ rights to low prices, innovation, and diverse production through competition. The Clayton Act is “the principal federal substantive law governing mergers, acquisitions, and joint ventures.” Section 7 prohibits mergers and acquisitions where the effect “may be substantially to lessen competition, or to tend to create a monopoly.”
Circuit Courts are split on whether an efficiency defense may be considered in merger cases. The leading case on the efficiency defense is FTC v. Proctor & Gamble Co., in which the Supreme Court wrote that “[p]ossible economies cannot be used as a defense to illegality. Congress was aware that some mergers which lessen competition also may result in economies, but it struck the balance in favor of protecting competition.”
Support for the position that efficiencies should not be considered in determining if a merger may substantially lessen competition under Section 7 include FTC v. Penn State Hershey Medical Center, and Saint Alphonsus Medical Center-Nampa, Inc. v. St. Luke’s Health System, Ltd. Other circuits have ruled to the contrary, and opinions from the 8th, 11th, 6th, and D.C. Circuits have allowed consideration of efficiencies in merger cases.
The Justice Department’s 1982 Merger Guidelines recognized a very narrow efficiency defense, which was preserved in the 1992 Guidelines and expanded in the 1997 revisions. In addition to the 6th, 8th, 11th, and D.C. Circuits and Merger Guidelines, multiple lower courts have held there is some possibility of using efficiencies as a defense, though no court has approved an otherwise illegal merger solely because of efficiencies. Efficiencies presented by defendants must be based on a substantial amount of evidence, must be “cognizable,” and they must be “merger-specific.”
The recent U.S. Supreme Court case of Anthem, Inc. v. United States, fails to clarify if an efficiency defense may be considered in merger cases. The main legal issue presented on petition for a writ of certiorari was whether the Supreme Court’s decision in FTC v. Procter & Gamble Co. foreclosed consideration of efficiencies in a merger analysis.
Anthem contended that “any anticompetitive effects will be outweighed by the efficiencies it will generate.” Anthem argued that the merger would result in cost savings by providing Cigna’s “highly regarded value based products” at the lower prices negotiated by Anthem.
The D.C. District Court Judge found that the cost savings are not recognized as efficiencies since they (1) are not merger-specific, (2) are not verifiable, and (3) may not be “efficiencies” at all. The court distinguished between competition and consumer welfare, and noted that no court has held that “a potential general benefit to consumers at the end of the day can negate competitive harm.”
Anthem was unable to demonstrate that “its plan [was] achievable or that it [would] benefit consumers as advertised,” nor that their offerings to consumers would be anything other than preexisting products (as opposed to a Cigna product at Anthem rates, which would be a merger-specific offering).
When considered by the D.C. Circuit Court, the majority held that Proctor & Gamble did foreclose considering efficiencies, siding with the Third and Ninth Circuits. The dissent disagreed, concluding that United States v. General Dynamics Corp. required a comprehensive consideration of relevant competitive factors including efficiencies, siding with the Eighth and Eleventh Circuits. The circuit split stands to this day, as the petition for certiorari by Anthem, Inc. was denied by the Supreme Court.
While future litigation should not avoid an efficiencies defense, lawyers should not rely on efficiencies to save an otherwise unlawful merger.
Submitted by: Danielle Scheer, MPH, CPH, J.D. Candidate, University of Florida
OIG Audits the Accuracy of Hospital Credit Reporting in Claims
In March 2018, the U.S. Office of the Inspector General (“OIG”) filed a report identifying 210 hospitals for which Medicare potentially overpaid approximately $4.4 million. The OIG’s audit reviewed claims spanning from 2008 through 2013. The basis of the review was the OIG’s belief that hospitals failed to accurately report manufacturer credits for its surgical equipment. For purposes of this audit, the OIG reviewed hospital claims submitted for federal benefits payments for device intensive procedures. Specifically, this OIG audit related to five cardiac medical devices that were recalled or that otherwise had high failure rates.
Hospitals or other health care providers often receive manufacturer credits (or reduced payment rates) for medical devices because of device recalls or high failure rates. According to the Social Security Act regulations, hospitals must report certain credits received by manufacturers by using claim modifiers or by inclusion of condition or value codes. Submitting claims with the appropriate modifiers, or condition or value codes, reduces reimbursements from government payors for these medical procedures. Often, credits received from medical device companies are greater than a 50% cost reduction that the hospital otherwise would have had to pay.
Rather than recommending enforcement actions, the OIG recommends that the Center for Medicare and Medicare Services (“CMS”) instruct these hospitals to submit self-reports in accordance with the 60-day rule implemented in 2016. The purpose of the 60-day rule is to allow health care providers to report and return discovered identified overpayments without additional penalties.
CMS will have the final say on how to proceed with the overpayments on these claims. Still, with potential overpayments in the range of $4.4 million, expect CMS to take actions to recoup these overpayments.
Interestingly, the OIG also recommended altering the compliance requirements by doing away with device credit reporting. Until this happens, hospitals and other providers that use and bill for costly surgical equipment, as well as other medical equipment, should be mindful of applying these modifiers to their claims.
The OIG Press Release can be found here: https://oig.hhs.gov/oas/reports/region5/51600059.asp. The full OIG audit report is available at: https://oig.hhs.gov/oas/reports/region5/51600059.pdf. For more information on the 60-day rule, the final rule can be found here: https://www.federalregister.gov/documents/2016/02/12/2016-02789/medicare-program-reporting-and-returning-of-overpayments.
Submitted by: Jocelyn E. Ezratty, Esq., Di Pietro Partners LLP
FRAUD AND ABUSE UPDATES
Florida Ophthalmologist Sentenced to 17 Years for Medicare Fraud
On February 22, 2018, Florida ophthalmologist Dr. Salomon Melgen was sentenced to 17 years in prison after a federal jury in West Palm Beach found him guilty of healthcare fraud.
According to the initial indictment in the case, Dr. Melgen was a retina specialist who commonly treated conditions and diseases of the retina, including macular degeneration. Dr. Melgen was an approved Medicare service provider, and a substantial portion of his high-volume medical practice was composed of elderly Medicare beneficiaries. The Government accused Dr. Melgen of falsely diagnosing patients with age-related macular degeneration and submitting claims to Medicare and other healthcare benefit programs based on false entries in patient medical charts. Dr. Melgen was also accused of falsely diagnosing patients with other retinal disorders, causing them to return to his clinic on a regular basis for medically unreasonable and unnecessary diagnostic tests.
The Government found Dr. Melgen fraudulently billed Medicare more than $73 million. On April 28, 2017, after a two-month trial, a jury found Dr. Melgen guilty of all 67 counts of healthcare fraud.
In a sentencing order entered on February 21, 2018, U.S. District Judge Kenneth Marra found that Dr. Melgen’s “medical practice was conducted in a manner where he routinely, and as a matter of standard practice, diagnosed patients with medical conditions they did not have so he could bill for diagnostic procedures and medical services which were not medically necessary or justified.” The court additionally noted that Dr. Melgen was able to perpetrate fraud “because he was a trained physician in whom his patients placed their trust.”
Dr. Melgen’s abuse of patient trust, and his extensive scheme to defraud Medicare, ultimately resulted in a sentence of 204 months’ imprisonment, to be followed by three years of supervised release. The court additionally ordered Dr. Melgen to pay more than $42 million in restitution to Medicare.
United States v. Melgen, No. 9:15-cr-80049-KAM (S.D. Fla. Feb. 21 2018).
Submitted by: Caycee Hampton, Esq., Carlton Fields
Healthcare Providers Empowered by DOJ Memo in Healthcare Fraud Actions
Federal agencies, including the Centers for Medicare and Medicaid Services (“CMS”), routinely issue guidance documents applicable to regulated healthcare providers that are subsequently treated as binding on such providers, despite the absence of a notice and comment rulemaking process. The issuing agencies often allege violations of a statute or regulation, such as the Anti-Kickback Statute or False Claims Act, when a provider has violated a related guidance document. Providers have long expressed concern that reliance on such guidance documents, when the underlying statute or regulation lacks clarity, is an unfair expansion of an agency’s regulatory authority.
A January 2018 memorandum (the “Memo”) from United States Department of Justice (“DOJ”) Associate Attorney General Rachel Brand will impact the DOJ’s ability to utilize such guidance documents in healthcare fraud civil enforcement actions. The Memo indicated that providers are not bound to comply with guidance documents, unless such standards are set forth in binding laws or regulations. While guidance documents cannot be construed as binding, or as proof that a provider broke the law, they can be used as proof that the accused had knowledge of the regulation or law prior to committing the violation.
This Memo provides a reprieve to providers, limiting the types of documents the DOJ can rely upon as evidence of a regulatory violation. The inability to use regulatory guidance as proof of a violation also gives providers greater latitude for arguing the requirements set forth in laws and regulations. Further, a provider may still utilize guidance documents to his or her advantage by arguing that he or she relied upon the guidance document for regulatory compliance; however, the DOJ may not use such document to argue a regulatory violation.
This change empowers entities and providers to push back against regulatory enforcement actions brought in reliance upon guidance documents. Hopefully the DOJ’s Memo will result in an increased effort to enact laws and regulations that are clear on their face.
Submitted by: Erica Mallon, Esq., Carlton Fields
Middle District Continues to Refine the Application of Standards Set Forth in Escobar
On January 11, 2018, the Chief Judge in the Middle District of Florida overturned a large jury verdict against a nursing home system operating in Florida. Overturning a jury verdict is relatively rare and the decision is getting a lot of attention.
In United States ex rel. Ruckh v. Salus Rehabilitation Services, LLC, No. 8:11-cv-1303-T-23TBM, 2018 WL 375720 (M.D. Fla. Jan. 11, 2018), the United States District Court of the Middle District of Florida vacated an almost $350 million verdict against the owners and operators of fifty-three specialized nursing facilities due to the relators’ failure to satisfy the “rigorous and demanding” materiality requirement established by the landmark Supreme Court case, Universal Health Services v. Escobar, 136 S.Ct. 1989 (2016).
The relator asserted that the nursing facilities’ failure to maintain comprehensive care plans coupled with “a handful of paperwork defects” when filing the Medicaid and Medicare claims made the claims false. However, the relator offered no meaningful or competent proof that the government would have regarded these practices as material to the government’s decision to pay the defendants or lead to the government’s refusal to pay. The relator must demonstrate the defendant’s “knowledge” that the government perceives and has treated the alleged regulatory non-compliance and corresponding claims as material to the government’s payment decision.
The Ruckh decision also focuses in on the “knowledge/scienter” requirement as it relates to the materiality standard. The Court held that the “False Claims Act requires the relator to prove . . . that the defendant knew at the moment the defendant sought payment that the non-compliance was material to the government’s payment decision.”
The Court concluded that through continued full payment for these services despite knowledge of disputed practices, non-compliance, or a claimed defect, the government had “work[ed] itself into a steadily tightening bind . . . of prov[ing] that the government would not do exactly what history demonstrates the government in fact did.” The Court ultimately found the “relator’s claims [to be] fatally ensnarled in that intractable bind.” As a result, the Court granted the nursing facilities’ judgment as a matter of law, vacating the jury rendered judgment.
Based on the Salus decision, relators and their counsel will now need to evaluate whether a provider’s non-compliance would be “material” enough to consider the claim “false” and whether the requisite scienter requirement can be demonstrated. For instance, if a provider does not fully comply with HIPAA, but provided the services, is this non-compliance “material” to payment? What if direct supervision of a service is required but the provider only met the standard for “general” supervision? The Salus decision may provide some defendants with a good defense.
Submitted by: Jeanne E. Helton, Esq., Smith, Hulsey & Busey
Q1/2018: An Active month for Healthcare Fraud Enforcement in Florida
Healthcare fraud and abuse enforcement in Florida continues to trend upwards. During the first three months of 2018, the U.S. Department of Justice (“DOJ”) announced several actions involving Florida defendants. The first action announced in mid-January 2018 involved a kickback scheme by a central Florida pharmacy, a medical doctor and a patient recruiter that resulted in the payment of approximately $4.3MM in false and fraudulent claims to TRICARE. All three defendants were found guilty and convicted after a five-day trial. In another action in late February 2018, a Miami man was convicted and ordered to pay over $9MM in restitution for his role in a $63 million kickback scheme involving a now-defunct Miami-Dade facility that provided partial hospitalization program (“PHP”) services to individuals suffering from mental illness. According to the DOJ press release, the defendant knowingly referred Medicare beneficiaries from the Miami-Dade state court system (some of which were not even mentally ill) to this facility in exchange for kickbacks. Eleven other individuals have also pleaded guilty and have been sentenced, including the owner of the now-defunct facility. On February 23, 2018, the DOJ filed a complaint in intervention against a compounding pharmacy located in Pompano Beach, alleging that the pharmacy was involved in a kickback scheme to induce prescriptions of drugs reimbursed by TRICARE. That case is still pending. On February 28, 2018, the owner and operator of 20 home health agencies in Miami-Dade County was sentenced to 240 months in prison for his role in a $66MM conspiracy to defraud Medicare. According to the DOJ press release, the defendant and other co-conspirators paid kickbacks for patient referrals and submitted false claims to Medicare for services that were never performed. More recently, on March 14, 2018 three Miami home health agency owners were indicted for their alleged participation in a healthcare fraud scheme involving a now-defunct home health agency in Miami. According to the DOJ press release, the defendants conspired with the owners and operators of several home health therapy staffing companies and others to bill Medicare for services that were either medically unnecessary, not eligible for Medicare reimbursement, or which were never provided. That case is also still pending.
Copies of the DOJ’s press releases referenced in this update are available at: https://www.justice.gov/news?f%5B0%5D=field_pr_topic%3A3936
Submitted by: Christian Pérez Font, Esq.
PRIVACY AND SECURITY UPDATES
EU’s New Privacy Law, the GDPR – The Bar is Set High
On May 25, 2018, the European Union’s (“EU”) General Data Protection Regulation (“GDPR”) will take effect. The goal of the GDPR is to protect individuals’ “fundamental right” to the processing of their personal data. The regulation aims to achieve this goal by establishing protections for the privacy and security of personal data of individuals in the EU. Considering how far-reaching, comprehensive and potentially punitive the GDPR will be, U.S.-based healthcare organizations need to understand if it applies to them, the implications for their operations and privacy practices, and potential liability for failing to comply.
The GDPR will directly apply to a healthcare organization if the organization: (i) has an establishment in the EU; (ii) monitors the behavior of individuals whose behavior takes place in the EU, or profiles individuals who are in the EU; or (iii) offers goods (e.g., medical supplies, software, pharmaceuticals) or services (e.g., diagnostic studies, marketing to recruit individuals in the EU to be patients at a US facility, sponsoring a clinical study) to individuals in the EU. These extra-territorial aspects to the GDPR make it far-reaching, which is why U.S.-based healthcare organizations should be aware of this regulation and familiar with its comprehensive components.
For instance, the GDPR creates rights for individuals in the EU, such as right of access, recertification (amendment), right to erasure (right to be forgotten), and to restrict the use of personal data. The GDPR also dictates the circumstances in which processing of personal data is permitted. The GDPR requires healthcare organizations processing personal data to implement appropriate technical and organizational security measures (e.g., encrypting the personal data and ability to restore data). Moreover, the GDPR has several notification requirements. These requirements include notifying an individual if their information has been amended or erased and notification (generally within 72 hours) to data protection authorities and affected individuals in the event of the occurrence of a “personal data breach.”
U.S. based healthcare organizations may find themselves in a uniquely challenging situation under the GDRP because of the high volumes of sensitive health related personal data they may process. Health data, specifically “data concerning health”, “genetic data” and “biometric data”, is considered sensitive. The GDRP establishes higher protection standards for health data and prohibits processing this type of data unless several conditions apply. Keeping in mind that the regulation is not yet active, guidance indicates that failure to comply with the GDPR can result in significant penalties—the maximum monetary penalty can be €20,000,000.00 or 4% of an organization’s global annual turnover, whichever is greater. As a point of reference, the largest HIPAA settlements to date have been around $5.5 million.
Considering a penalty for a breach under the GDPR can be significant, healthcare organizations should take proactive steps to review their operations, determine if the GDPR applies to them, and, if it does, create a data protection program to comply with its comprehensive components.
Submitted by: Juan Carlos (“JC”) Palacio, Esq., CHC, Associate Director, Health Information Privacy, Jackson Health System
HIPAA – Lessons to Learn from the Fresenius Settlement
In an industry overrun with news of almost daily privacy breaches, what makes the Fresenius settlement especially newsworthy is the size of the fine compared to the size and type of the breaches involved.
On February 1, 2018, it was announced that Fresenius Medical Care North America (Fresenius) agreed to pay $3.5 million and entered into a comprehensive corrective action plan for potential violations of the Health Insurance Portability and Accountability Act (“HIPAA”). Fresenius, a large network of dialysis facilities, cardiac and vascular labs and urgent care centers, reported five relatively small breaches based on the theft of equipment at five different facilities involving the protected information of a combined total of 521 patients.
So, how did the robbery of five different facilities end up costing Fresenius $3.5 million?
The fact that all five incidents occurred during one calendar year within a large organization was a factor. In addition, the Office for Civil Rights (“OCR”) took a hard look at Fresenius’ HIPAA privacy and security policies. OCR also focused on the fact that three of the stolen devices were not encrypted.
HIPAA lessons to be learned as a result of this settlement:
- 1. Enterprise-wide risk assessment. If your facility is part of a larger whole, it is time to ensure that there are overall HIPAA policies and that you perform an enterprise-wide HIPAA risk assessment.
- 2. Policies. Review your policies to ensure that they are up-to-date and all-inclusive. Check to see if there is a policy dealing with movement of Protected Health Information (“PHI”) and electronic devices in and out of the facility; a policy that addresses environmental and operational changes that affect PHI; a policy regarding physical safety and the threat of theft; a policy regarding encryption; and a policy addressing security incidents. (Interestingly, one Fresenius facility was cited for failing to implement polices to address security incidents even though a security incident was not involved in the breach.)
- 3. Encryption. Review the implementation of encryption at your facility. The OCR seemingly expects all mobile devices housing PHI to be encrypted. HIPAA privacy and security officers should review and update their plans accordingly.
Submitted by: Trish Calhoun, Esq., Carlton Fields
2018 Legislative Session – Health Law Matters
Every legislative session has its own personality, but in 30 years of lobbying – nothing quite compares to 2018. The session began with scandals and ended in tragedy. Typically, 10% of the bills introduced pass. This year only 200 of the 3,250 bills (roughly 6%) passed both Chambers, and only a handful of the 200 bills that passed were health bills.
House Bill 21. House Bill 21, by Rep. Jim Boyd and Sen. Lizbeth Benaquisto, addressed the opioid crisis. The comprehensive legislation limits prescriptions of opioids to a three-day supply unless a physician denotes that a medically necessary seven-day prescription is required; directs the Florida Department of Health (“DOH”) to establish guidelines for prescribing controlled substances and stipulates that practitioners who fail to follow the guidelines will be subject to discipline; requires all prescribers to complete a two-hour controlled substance continuing education course; and proposes changes to the prescription drug monitoring program. The legislation becomes effective June 1, 2018, with certain provisions taking effect January 1, 2019.
House Bill 37. Direct primary care House Bill 37, by Rep. Danny Burgess and Sen. Tom Lee, passed creating a primary care medical practice model that allows practitioners to establish contractual relationships with patients for defined services. If approved by the Governor, the effective date is July 1, 2018.
Senate Bill 510. Senate Bill 510, by Sen. Dana Young and Rep. Mary Lynn Magar, requires adverse incident reporting at birthing centers effective March 19, 2018.
House Bill 551. House Bill 551, by Rep. Colleen Burton and Sen. Dana Young, provides a public record exemption for certain health care facility building plans received by the Agency for Health Care Administration, which would be effective upon approval by the Governor.
Senate Bill 622. Senate Bill 622, by Sen. Denise Grimsley and Rep. Clay Yarborough, revises numerous provisions relating to health care facility regulations, which becomes effective July 1, 2018.
House Bill 675. House Bill 675, by Rep. Jason Brodeur and Sen. Kelli Stargel, establishes Class III institutional pharmacies, which allows hospitals to move drugs from one location to another within their system.
House Bill 735. House Bill 735, by Rep. Gayle Harrell and Sen. Denise Grimsley, requires facilities performing mammograms to report certain findings to patients. These bills, if approved by the Governor, become effective July 1, 2018.
House Bill 937. House Bill 937, by Rep. Jeannette Nunez and Sen. Lauren Book, directs the DOH to establish two toll free perinatal mental health hotlines.
House Bill 1165. Decades of litigation and “trauma drama” may cease if House Bill 1165, by Sen. Dana Young and Rep. Jay Trumbull, is approved by the Governor. The bill reestablishes a Trauma System Advisory Council to compare trauma center standards; creates an objective needs-based formula for the establishment of new trauma centers based on population and caseload at existing trauma centers; and modifies the application process so that a new facility must be approved prior to operating as a trauma center. The bill also grandfathers in all currently, provisionally approved trauma centers.
House Bill 1337. House Bill 1337, by Sen. Jeff Brandes and Rep. Cary Pigman, changes the term “advanced registered nurse practitioner” to “advanced practice registered nurse” throughout the Florida Statutes, including those granting APRNs the same prescribing authority as ARNPs.
House Bill 7099. House Bill 7099 ratifies the nursing home generator rule following the deaths at The Rehabilitation Center at Hollywood Hills in the aftermath of Hurricane Irma. The bill requires all nursing homes to have the ability to maintain 30 square feet per resident at 81 degrees or less for a period of 96 hours and to have fuel on site to power generators for 72 hours. If the Governor approves the bill, the rule will go into effect July 1, 2018. Nursing homes may receive an extension until July 1, 2019 with a showing of good cause.
Senate Bill 7026. Senate Bill 7026, The Marjory Stoneman Douglas High School Public Safety Act, became priority legislation following the unconscionable mass shooting at the Parkland, Florida high school on February 14, 2018. The legislation, effective March 9, 2018, prohibits people who have been subject to involuntary examination under the Baker Act or who have been declared mentally “defective” from owning or possessing a firearm until a court orders otherwise. The bill authorizes law enforcement officers to seize and hold firearms and ammunition from the person for 24 hours, or longer, if merited. In addition, county school districts may decide whether to participate in the “guardian program” that permits the arming of teachers and other school personnel.
Legislation on the following topics did not pass: allowance of 24-hour ambulatory surgery centers (HB 23/SB 250), creation of 72-hour recovery care centers (HB 23), repeal of certificate of need (HB 27/SB 1492, but note this is the subject of a proposal before the Constitutional Revision Commission), creation of advanced birthing centers (HB 1099/SB 1564), implementation of disaster preparedness and response (HB 7085), creation of patient safety culture surveys (HB 35/SB 1458), development of an infectious disease elimination pilot program (SB 800/HB 579), regulations for telemedicine (SB 280/HB 793), creation of telepharmacy (SB 843/HB 679), adoption of fail-first protocols (SB 98/HB 199), overhaul of personal injury protection (SB 150/HB 19), and allowance of physician fee sharing (HB 425/SB 1862).
Legislation and staff analyses may be found at www.flsenate.gov and www.myfloridahouse.gov.
Submitted by: Jan Gorrie, Esq., Of Counsel, Panza, Maurer & Maynard, P.A.
LICENSING & SCOPE OF PRACTICE UPDATES
Governor Rick Scott Signs House Bill 21 (HB 21), Imposing New Requirements and Restrictions on Prescribing Controlled Substances in Florida
On March 19, 2018, Governor Rick Scott signed into law House Bill 21 (HB 21), which will impose greater constraints and oversight over the prescribing of controlled substances in Florida. The newly enacted law, which becomes effective June 1, 2018, with certain provisions taking effect January 1, 2019, creates Section 456.0301, Florida Statutes, and will require certain health care practitioners to enroll into, and complete, a board-approved (e.g. Board of Medicine, Board of Nursing) continuing education course to continue prescribing controlled substances. The law also amends and expands already existing Florida statutes, imposing new licensing requirements and greater restraints on prescribing controlled substances, such as certification requirements, new disciplinary actions, new definitions, new requirements for use of the prescription drug monitoring program and other electronic medical systems, as well as requiring certain agencies to create and adopt rules for prescribing controlled substances.
One of the primary goals of the bill was to combat Florida’s ongoing opioid epidemic. As a result, one of the most publicized portions of this bill is the amendment of Section 465.0276, Florida Statutes, which will limit prescribing opioids, and certain other controlled substances, to only a three-day supply; with an extended seven-day supply if certain conditions met. For the full text of the law please click the link below.
Submitted by: Paul Thompson, Esq., MPH, Contract Attorney, Raymond James Financial, Inc.
Department of Justice Raises Penalties for False Claim and Anti-Kickback Violations
On January 29, 2018, the United States Department of Justice (“DOJ”) increased the per-claim range of civil monetary penalties under the federal False Claims Act (31 U.S.C. § 3729 et seq.) (“FCA”) in accordance with a statutory requirement issued under the Bipartisan Budget Act of 2015, Public Law 114–74. Simultaneously, the DOJ increased the per-claim civil monetary penalties for federal Anti-Kickback Statute (42 U.S.C. § 1320a-7b et seq.) (“AKS”) violations.
Section 701 of the Bipartisan Budget Act of 2015, entitled the Federal Civil Penalties Inflation Adjustment Act Improvements Act of 2015, revised federal requirements for civil monetary penalties by federal agencies. Section 701 of the Balanced Budget Act of 2015 required federal agencies to adjust civil monetary penalties each year on January 15 to account for inflation during the preceding year. The new formula for calculating inflation adjustments to civil monetary penalties drastically increased civil monetary penalties during the first adjustment period in 2016. Prior to this first adjustment in 2016, the civil monetary penalties for AKS and FCA violations remained unchanged since 1996, when they were revised pursuant to the Debt Collection Improvement Act of 1996. In 1996, the per-claim civil monetary penalty for FCA violations was increased to $5,500 to $11,000 per claim and for AKS violations to $11,000 per claim. 64 Fed. Reg. 47099, 47,104 (Aug. 30, 1999).
Civil monetary penalties assessed after January 29, 2018 for AKS violations occurring after November 2, 2015 are now are $22,363 per claim, up from $21,916 per claim. 83 Fed. Reg. 3944, 3945 (Jan. 29, 2018).
Civil monetary penalties assessed after January 29, 2018 for FCA violations occurring after November 2, 2015, now range between $11,181 to $22,363 per claim, up from $10,957 to $21,916 per claim. Id. In addition to the civil monetary penalties, defendants still are subject to damages calculated at treble the amount paid by a governmental program for FCA violations.
Submitted by: Timothy S. Wombles, Esq., Broad and Cassel, LLP
CMS Finalizes Coverage for Next-Generation Sequencing Tests
On March 16, 2018, CMS finalized a national coverage determination (“NCD”) for next generation sequencing (“NGS”) tests in a final decision memo (see “Decision Memo for NGS for Beneficiaries with Advanced Cancer CAG-00450N”). This decision is in response to a formal request to CMS to establish coverage for comprehensive genetic profile testing after the U.S. Food and Drug Administration (“FDA”) approved the FoundationOne CDx (“F1CDx”), a next generation sequencing device, last Fall.
NGS provides detailed information on multiple types of genetic alternations simultaneously, providing comprehensive and clinically actionable information based on the individual genomic profile of each patient’s cancer. Providers believe the technology can help doctors consult with patients about more targeted care and assist in making more informed treatment decisions.
In addition to covering the FDA-approved F1CDx, CMS is covering FDA-approved or cleared companion in-vitro diagnostics when the test has an FDA-approved or cleared indication for use in that patient’s cancer and results are provided to the treating physician. Additional coverage criteria that must be met under the NCD include that the patient: (1) has either recurrent, relapsed, refractory, metastatic, or advanced stages III or IV cancer; (2) has not been previously tested using the same NGS test for the same primary diagnosis of cancer; (3) and that the patient has decided to seek further cancer treatment (e.g., therapeutic chemotherapy).
Submitted by: Anne L. Kelley, J.D. Candidate, University of Florida
FDA Proposes Rule to Lower Nicotine in Cigarettes
On March 16, 2018, the Food and Drug Administration (“FDA”) issued an advance notice of proposed rulemaking (“ANPRM”) to obtain information for consideration in developing a tobacco product standard setting the maximum nicotine level for cigarettes (See: https://www.federalregister.gov/documents/2018/03/16/2018-05345/tobacco-product-standard-for-nicotine-level-of-combusted-cigarettes).
The ANPRM summary asserts that tobacco-related harms ultimately result from the addiction to nicotine in cigarette products. As a result of this public health concern, the FDA is considering reducing the level of nicotine in these products to make them minimally addictive or non-addictive. The FDA purports to use the best available science to determine a level that is appropriate for the protection of public health. The FDA states that the scope of products covered by any potential product standard will be one main issue for comment in the ANPRM. The FDA also recognizes that any additional scientific data and research relevant to the empirical basis for regulatory decisions related to a nicotine tobacco product standard will be an issue for comment in the ANPRM as well.
Electronic comments must be submitted on or before on June 14, 2018. Comments received by mail/hand delivery courier must be postmarked on or before that date.
Submitted by: Anne L. Kelley, J.D. Candidate, University of Florida
Need a Lyft? Non-Emergency Medical Transportation Ridesharing: Uber Helpful and Uber Risky
Over three million Americans miss or delay medical appointments each year because of inadequate transportation, and an estimated 25% of patients miss an appointment because of lack of transportation. Ridesharing companies have identified an unmet need and are eager to break into the multi-billion dollar, non-emergency medical transportation (“NEMT”) industry.
As traditional public transit and taxi cab services are fraught with cancellations, delays, and lengthy travel time, ridesharing platforms appear to offer promising solutions to access and continuity of care issues, particularly for vulnerable patient populations with limited resources who often have the greatest need for medical care. Just as ridesharing companies have aimed to fill a need in the market for general transportation, they see an opportunity in the NEMT space as well.
Healthcare /NEMT partnerships are proliferating in 2018. In early March 2018, Uber announced its latest initiative, Uber Health, and Lyft announced a partnership with AllScripts and a separate partnership with Blue Cross Blue Shield, CVS, and Walgreens. Both Uber Health and Lyft’s partnership with Allscripts will allow providers to schedule – and pay for – transportation for their patients, and Lyft’s partnership with CVS and Walgreens will offer Blue Cross Blue Shield members complimentary transportation to CVS or Walgreens pharmacies. While these novel transportation platforms have the potential to improve access to care, reduce barriers to healthcare access, and decrease no-show rates for providers, ridesharing NEMT poses significant legal and compliance risks as well.
Healthcare providers who wish to schedule and pay for transportation services for their patients should beware of potential regulatory hurdles, particularly fraud and abuse concerns if providers offer these services at little or no cost to federal program beneficiaries. Potential violations of the Civil Monetary Penalties Law (“CMP”) and the Anti-Kickback Statute (“AKS”) could be alleged for the provision of these services. Healthcare providers should endeavor to meet codified safe harbors to the AKS and exceptions to the beneficiary inducement provisions of the CMP, that address free and discounted services, including transportation.
In addition to AKS and CMP concerns, ride-sharing NEMT poses Health Insurance Portability and Accountability Act (“HIPAA”) and cybersecurity risks as well. These ride-sharing platforms will be accessible by providers online or integrated into a health facility’s existing electronic medical record system. Providers should consider potential cybersecurity exposure, including the risk for a breach of patients’ protected health information through the ridesharing platform, and whether the provider’s electronic medical record system could be accessed or hacked when linked to the ridesharing platform.
While the logistical benefits to provider-coordinated and funded transportation may be significant, the risks may be as well. Providers who are considering the use ridesharing platforms to coordinate patient transportation should consider all legal risks and ensure the relationships and transactions are structured to comply with all state and federal regulations.
Submitted by: Erica Mallon, Esq., Carlton Fields
 ALJ Shearer Nelson concluded that Petitioners challenged the “look-back” provision in Rule 64B13-4.001(2), Florida Administrative Code (2015), pursuant to Sections 120.57(8)(b), (c), (d), and (e), Florida Statutes. Yontz, 2017 WL 1423480, at 22.
 Section 463.006(1)(b)(2), Florida Statutes, states “[t]he department shall examine each application who the board determines has . . . submitted proof satisfactory to the department that she or he . . . has graduated from an accredited school or college of optometry approved by rule of the board.”
 The Florida Senate put forth an identical bill, S.B. 520, to correct the same issue.
 Herbert Hovenkamp, The Antitrust Enterprise: Principle and Execution 1 (2005).
 ABA Section of Antitrust Law, Merger Review Process, 1 (4th ed. 2012).
 15 U.S.C. § 18.
 FTC, The Antitrust Laws, https://www.ftc.gov/tips-advice/competition-guidance/guide-antitrust-laws/antitrust-laws (last visited Apr. 11, 2018).
 386 U.S. 568 (1967).
 FTC v. Procter & Gamble, Co., 386 U.S. 568, 579 (1967).
 838 F.3d 327, 348 (3d Cir. 2016).
 778 F.3d 775, 790 (9th Cir. 2015).
 See FTC v. Tenet Health Care Corp., 186 F.3d 1045 (8th Cir. 1999); FTC v. Univ. Health, Inc., 938 F.2d 1206 (11th Cir. 1991); ProMedica Health Sys., Inc. v. FTC, 749 F.3d 559, 571 (6th Cir. 2001); FTC v. H.J. Heinz Co., 246 F.3d 708, 720 (D.C. Cir. 2001).
 Christopher L. Sagers, Antitrust: Examples and Explanations 298 (2011).
 Christopher L. Sagers, Antitrust: Examples and Explanations 298 (2011). See Am. Bar Ass’n., Antitrust Law Developments (Sixth) 362 & n.227 (6th ed. 2007) (collecting cases and so stating).
 FTC v. Penn State Hershey Med. Ctr., 838 F.3d 327, 348–49 (3d Cir. 2016).
 U.S. v. Anthem, Inc., 236 F. Supp. 3d 171 (2017).
 386 U.S. 568 (1967).
 Anthem Inc. v. U.S., 855 F.3d 345 (D.C. Cir. 2017), cert. denied, 137 S. Ct. 1250 (2017) [hereinafter Petition for Cert.].
 Anthem, Inc., 236 F. Supp. 3d at 181.
 Anthem, p. 8 https://www.justice.gov/atr/case-document/file/940946/download.
 Anthem-Cigna Merger Blocked by Appeals Court and the Utility of Efficiencies in Mergers going Forward, Crowell Moring (May 8. 2017), https://www.crowell.com/NewsEvents/AlertsNewsletters/all/Anthem-Cigna-Merger-Blocked-by-Appeals-Court-and-the-Utility-of-Efficiencies-in-Mergers-Going-Forward.
 See FTC, 838 F.3d at 348; Saint Alphonsus Med. Center-Nampa, Inc. v. St. Luke’s Health Sys., Ltd., 778 F.3d 775, 790 (9th Cir. 2015).
 415 U.S. 486 (1974).
 See FTC, 186 F.3d at 1045; FTC v. Univ. Health, Inc., 938 F.2d 1206 (11th Cir. 1991).
 Anthem Inc., 855 F.3d at 345.
 42 U.S.C. § 1320a-7b.
 31 U.S.C. §§ 3729-3733.
 Regulation 2016/679, Apr. 27, 2016.
 Processing is defined as, “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.” Art. 4(2).
 Personal data is defined as “any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” Art. 4(1).
 Indirectly, healthcare organizations may be faced with contractual obligations to assist another party with achieving their GDPR requirements. An example relationship is that of covered entity and business associate. Business Associates may be contractually required to assist a covered entity comply with HIPAA.
 Rec. 22 GDPR states, “[e]stablishment implies the effective and real exercise of activity through stable arrangements.”
 Art. 3 GDPR.
 Art. 15 GDPR.
 Art. 16 GDPR.
 Art. 17 GDPR.
 Art. 18 GDPR.
 Art. 32 GDPR.
 Art. 19 GDPR.
 Art. 33 GDPR.
 Art. 34 GDPR.
 A personal data breach is defined as, “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.” See Art. 4(12) GDPR.
 Data concerning health is defined as, “personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.” See Art. 4(15) GDPR.
 Genetic data is defined as, personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question. See Art. 4(13) GDPR.
 Biometric data is defined as, “personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data.” See Art. 4(14) GDPR.
 Under the GDPR health-specific conditions are required to process this type of data. These conditions include that: “processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services [ … ]; “processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices […].” See Art. 9 GDPR. Moreover, a data subject can also give explicit consent to the processing of their data. Id. To obtain a valid consent under the GDPR several factors must be present (e.g., freely given, specific, and unambiguous). See Rec. 32 GDPR.
 European Commission, Commission publishes guidance on upcoming new data protection rules (January 24, 2018), http://europa.eu/rapid/press-release_IP-18-386_en.htm.
 $5.5 Million HIPAA Settlement Shows Importance of Audit Controls, Dep’t Health & Human Servs. (Feb. 16, 2017), https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/memorial/index.html.
 Richard Wallace et al., Access to Health Care and Nonemergency Medical Transportation: Two Missing Links, Transportation Research Record Journal of the Transportation Research Board, Jan. 2005, at 76.
 Samina T. Syed et al., Traveling Towards Disease: Transportation Barriers to Health Care Access, J. Comm. Health, Oct. 2013.
 Richard Garrity and Kathy McGehee, Impact of the Affordable Care Act on Non-Emergency Medical Transportation (NEMT): Assessment for Transit Agencies 2 (2014).
 42 U.S.C. § 1320a-7a.
 Id. § 1320a-7b.
 Id. § 1001.952.
 Id. § 1320a-7a(a)(5).