ML Strategies has posted its weekly Health Care Update. This publication provides timely information on implementation of the Affordable Care Act, Congressional initiatives affecting the health care industry, and federal and state health regulatory developments. Top news this week includes the resignation of Secretary Kathleen Sebelius, the unprecedented release of Medicare physician payment data, and the decision to ban the painkiller drug Zohydro in Massachusetts. Click here to read this week’s Update.
Written by: Nili Yolin
The Accreditation Council for Graduate Medical Education (ACGME), American Osteopathic Association (AOA), and the American Association of Colleges of Osteopathic Medicine (AACOM) will be forming a unified, single accreditation system for allopathic and osteopathic physicians in 2015. First announced in October 2012, the three governing boards finally approved the framework for implementing a single accreditation system last month, which calls for the AOA and AACOM to become member organizations of the ACGME, thereby allowing the ACGME to accredit all osteopathic graduate medical education programs that are currently accredited by the AOA. In so doing, osteopathic physicians (DOs) training in AOA-accredited residency programs will be able to transfer into ACGME-accredited residencies without having to repeat any years of training.
The U.S. Department of Health and Human Services (HHS) announced on April 9th a “historic” release of Medicare payment data to provide consumers with “unprecedented transparency on the medical services physicians provide and how much they are paid.” The Centers for Medicare and Medicaid Services (CMS) declared its intent to make such data available in an April 2ndletter to the American Medical Association. CMS stated on its blog that “[p]roviding consumers with this information will help them make more informed choices about the care they receive.” The new data set covers more than 880,000 health care providers in all 50 states, the District of Columbia, and Puerto Rico, who collectively received $77 billion in Medicare payments in 2012 under the Medicare Part B Fee-For-Service program.
The data set includes information on the provision of services by physicians and how much they are paid for those services and is organized by provider (National Provider Identifier or NPI), type of service (Healthcare Common Procedure Coding System, or HCPCS, code), and place of service (either facility or non-facility). The data set also includes the number of services, average submitted charges, average allowed amount, average Medicare payment, and the number of unique beneficiaries treated.
To protect the privacy of Medicare beneficiaries, any aggregated records which are derived from 10 or fewer Medicare beneficiaries are excluded from the data set.
April 8, 2014 marked the end of Microsoft’s support for the Windows XP operating system, which means the end of security updates from Microsoft and the beginning of new vulnerability to hackers and other intruders into systems still utilizing the operating system. But does the end of Windows XP support mean that HIPAA covered entities and their business associates using Windows XP are automatically out of compliance with HIPAA as of April 8th? Not necessarily.
It is impossible to say with certainty that April 8th equals HIPAA non-compliance for XP users. There is no one-size-fits-all answer as to whether or not continued use of XP will result in a HIPAA violation, because there is no one-size-fits-all approach to compliance with the HIPAA Security standards. HIPAA Security standards are “flexible and scalable” to ensure that each regulated entity may implement security measures that are reasonable in light of the size and complexity of the organization. As a threshold matter, users of Windows XP must determine whether or not electronic protected health information or (“ePHI”) even passes through an affected system. XP users should also evaluate whether or not there are compensating security measures to protect ePHI or whether additional security measures could be implemented to temporarily protect ePHI, such as disconnecting affected computers from the internet.
Earlier this week, CMS announced in its Final Call Letter that Medicare Advantage rates would rise an average of 0.4 percent in 2015, instead of falling 1.9 percent as proposed in February. CMS’s shift in course may stem from the 1300 comments the agency received in response to February’s advance notice, which announced Medicare Advantage rate cuts along with a range of other controversial policies. This is the second straight year in which CMS proposed significant rate reductions, but then backtracked following a review of stakeholder comments.
The Final Call Letter contains many significant departures from February’s draft, again most likely in response to stakeholder comments. CMS opted not to finalize several proposals:
- Diagnoses from Enrollee Risk Assessments Resulting from Home Visits. CMS expressed concern that provider visits to beneficiaries’ homes were used to gather diagnoses for payment rather than to provide treatment to beneficiaries and proposed to exclude diagnoses obtained from home visits for purposes of 2015 risk adjustment payments. CMS did not move forward with this proposal, but noted that it will study data submitted by Medicare Advantage Organizations to determine whether further policy changes are required.
- Enhanced Alternative Plans. CMS proposed that all Part D enhanced alternative plans would be required to provide additional cost-sharing reductions in the coverage gap for formulary generic and brand drugs. Many commenters opined that CMS’s proposal could cause disruption to beneficiaries with respect to their existing plans. As a result, CMS opted to abandon this proposal.
- Star Ratings. CMS did not move forward with several changes to Star Ratings, the plan rating scoring system used to measure Part C and D plan quality. Most notably, CMS opted to neither: (1) pursue independent plan audits to dispute CMS’s reductions in Star Ratings; nor (2) apply incremental reductions to measures based on the number of errors CMS finds. These proposals were aimed at ensuring the integrity of data supplied by plans to calculate Star Ratings, an issue CMS will continue to study. CMS remains committed to Star Ratings and moved forward with other updates. The Final Call Letter contains an Appendix that summarizes stakeholder comments to CMS’s proposals impacting Star Ratings.
Written by: Kimberly J. Gold
The U.S. Department of Health & Human Services (“HHS”) announced last week that same-sex married couples can now qualify for Medicare Part A and Part B special enrollment periods and reductions in late enrollment penalties.
This policy change results from the groundbreaking 2013 Supreme Court ruling in United States v. Windsor that Section 3 of the Defense of Marriage Act (“DOMA”), which defined marriage as a union between one man and one woman, was unconstitutional. Because of this ruling, Medicare is no longer prevented by DOMA from recognizing same-sex marriages for determining entitlement to, or eligibility for, Medicare.
HHS Secretary Kathleen Sebelius stated that the Medicare changes will help “to clarify the effects of the Supreme Court’s decision and to ensure that all married couples are treated equally under the law.”
Today, the three federal agencies charged with regulating components of health information technology (“Health IT”) issued their long-awaited Health IT Report: Proposed Strategy and Recommendations for a Risk-Based Framework (the “Report”). The Report seeks to develop a strategy to address a risk-based regulatory framework for health information technology that promotes innovation, protects patient safety, and avoids regulatory duplication.
Congress mandated the development of the Report as part of the 2012 Food and Drug Administration Safety and Innovation Act, requiring the Food and Drug Administration (“FDA”), the Office of the National Coordinator for Health Information Technology (“ONC”), and the Federal Communications Commission (“FCC”) to coordinate their efforts to regulate Health IT. Notably, the Report identifies and distinguishes between three types of Health IT: (i) health administration Health IT, (ii) health management Health IT, and (iii) medical device Health IT.
The recommendations in the Report include continued interagency cooperation and collaboration, the creation of a public-private safety entity—the Health IT Safety Center—and a risk based approach to the regulation of Health IT. The Report emphasizes that the functionality of Health IT and not the platform for the technology (mobile, cloud-based, or installed software) should drive the analysis of the risk and the regulatory controls on Health IT.
The Protecting Access to Medicare Act of 2014 (HR 4302), signed by President Obama yesterday, contains a number of provisions that are important to clinical laboratories, and they include:
- Section 101, which extends current Medicare reimbursement services for physician services (also known as the “doc fix”). Passage of this provision is of particular interest to laboratories that rely on reimbursement for anatomic pathology and other physician services, especially in light of previous cuts to Medicare rates paid for these services.
- Section 212, which delays the implementation of ICD-10 code sets by one year, until October 1, 2015. ICD-10 consists of over 140,000 diagnosis codes, and each code consists of three to seven digits, which means that the new codes will require more time and effort to assign. Many laboratories – which heavily rely on physicians to furnish the diagnosis codes necessary to bill for the testing they perform – are struggling with ICD-10 implementation issues and undobubtedly will welcome the reprieve.
- Section 216, which enacts an entirely new process for adjusting Medicare Clinical Laboratory Fee Schedule (MCLFS) rates. Beginning on January 1, 2016, and every three years thereafter (or annually with respect to an “advanced diagnostic laboratory test,” which are subject to a different process), most laboratories will report to the Centers for Medicare & Medicaid Services (CMS) the payment rates paid by each private payor (including Medicare managed care plans) for the test during the previous twelve months. Reporting would reflect all discounts or other price reductions, but would not include tests capitated payments. All information would be deemed confidential. On or after January 1, 2017, MCLFS rates will be based on a weighted median, and any reductions to payments will be phased in over time. Passage of Section 216 means that CMS no longer has the authority to revise MCLFS rates based on technological changes. That process is described in a previous post.
Written by: Ellyn L. Sternfield
With its March 31, 2014 denial of certiorari in U.S. ex rel. Nathan v. Takeda, the U.S. Supreme Court declined to wade into the ongoing debate over the degree of particularity with which a false claims relator must plead a violation of the federal Civil False Claims Act.
The District Court in Takeda dismissed the relator’s Complaint for failing to meet Rule 9(b) pleading standards. The Fourth Circuit sustained the dismissal, finding that the Complaint failed to allege with sufficient particularity that Takeda’s alleged off-label marketing scheme had actually resulted in false claims being submitted to a federally-funded health care program. In fact, the Complaint did not establish that any false claims were submitted to the government. In his Petition to the Supreme Court, the relator argued that the Fourth Circuit’s decision was at odds with the false claims pleading requirements in other circuits. As described in our November Qui Tam Update, the issue is:
Whether Rule 9(b) of the Federal Rules of Civil Procedure requires that a complaint under the False Claims Act “allege with particularity that specific false claims actually were presented to the government for payment” as required by the Fourth, Sixth, Eighth and Eleventh Circuits, or whether it is instead sufficient to allege the “particular details of” a “scheme to submit false claims” together with sufficient indicia that false claims were submitted, as held by the First, Fifth, Seventh and Ninth Circuits.
On March 28, 2014, the Office of Civil Rights (OCR) announced the release of an online and iPad app-based security risk assessment (SRA) tool. The tool is intended to help health care providers in small to medium sized offices conduct and document risk assessments of their organizations and meet their compliance obligations under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The SRA tool is a self-contained, operating system application that can run on Windows for desktop and laptop computers or Apple’s iOS for iPad. OCR has imposed penalties based on a provider’s failure to properly perform a risk assessment compliant with the Security Rule’s standards, as we profiled in a recent post. The release of the tool further signals OCR’s increased focus on preventive measures that covered entities and business associates must undertake to demonstrate awareness of and adherence to HIPAA’s requirements.