Pharmacies using automated dialers for prescription refill reminders and relying on the statutory prescription refill reminder exemption to the TCPA’s prohibition on the use of automated dialing equipment as an impenetrable blanket against liability need to think again.
The case of Smith v. Rite Aid Corporation, 2018 WL 5828693 (W.D.N.Y. Nov. 7, 2018), revolves around a Rite Aid pharmacy’s use of a prescription refill reminder program to contact a patient to pick up a prescription. The pharmacy placed several calls per week intended to remind the patient to come into the store to pick up their prescription. However, an innocent bystander instead of the intended recipient of the mediation received the calls; either due to error in taking the phone number down or a due to the number being reassigned (which happens to thousands of numbers on a daily basis!). The unintended recipient of the multiple prescription refill reminder calls filed a class action lawsuit under the federal Telephone Consumer Protection Act (“TCPA”), which provides for statutory penalties of $500-$1,500, per call.
Over the past few years, it seems like physician employment agreements are getting shorter and shorter. While I applaud all efforts towards efficiency and economy, you should not always take those documents at face value. For example, I recently reviewed a one page employment contract for a client. That single page basically said, “We are hiring you as our employee for a term of one year, with an annual salary of $$$.”
At first glance, the simplicity of that document might seem refreshing. That’s especially true if you’re worried about how much time it’s going to take for your lawyer to get through it! My client’s second glance revealed a multitude of unanswered (and essential) questions. There was no mention of expected duties, schedules, standards, renewals, terminations, insurance, benefits, vacation time, sick leave, CME, etc. in the employment contract However, when we reviewed the contract together, we discovered that although those points were not even referenced on that single page, they were still legally, “in there.”
On November 29, 2018, Florida Representative Chuck Clemons proposed house bill 65 (“HB 65”) that would significantly tighten regulation on the use of stem cells. If the stem cell bill is signed into law, Florida will join other states (e.g. California, Texas and Washington) in passing some type of stem cell regulation. While some bills around the country have centered the regulation on informing prospective customers of the risks associated with these treatments, HB 65 takes a more stringent approach with the threat of criminal exposure and includes certain protections for providers in the form of a “right-to-try” law.
On November 1, 2018, a federal court judge in the U.S. District Court for the District of Columbia granted a motion for summary judgment in favor of the American Hospital Association (AHA) ordering the U.S. Department of Health and Human Services (HHS) to clear the Medicare appeal backlog by fiscal year (FY) 2022. If you have not been following this litigation, the AHA initially filed suit in 2014 against the Secretary of the U.S. Department of Health and Human Services (HHS) requesting an order from the court mandating the Office of Medicare Hearings and Appeals (OMHA) within HHS to comply with its statutory deadlines (i.e. to issue a decision within 90 days). Following brief review by the U.S. Court of Appeals and upon the case being before the district court for a third time, the case has finally reached a resolution.
In short, HHS agreed that due to recent funding, compliance is possible within four years. Accordingly, the judge set the following deadlines for HHS and OMHA:
There are perfectly compliant ways to engage with healthcare marketers, and then there’s this; here are some of the latest real-life examples:
“DME BRACE CAMPAIGN – $40 to $150 PER LEAD PER BRACE”
“DME DIABETIC LEADS $40 PER LEAD, INSURANCE AND DOC INFO INCLUDED”
“PAIN CREAM/LIDOCANE LEADS FOR SALE, RX INCLUDED”
These marketers are seemingly holding auctions for the sale of federally protected patient health information out to the highest bidder! Couldn’t make this stuff up – if you’re in this industry, a quick gander at your (business) social media platforms will quickly confirm it.
Regulatory compliance is a mandatory investment for any healthcare business owner looking to stay out of serious and personal legal peril, let alone one hoping to keep their company viable.
Yet there is seemingly an onslaught of providers that blatantly run afoul of many of these regulations, knowingly or not, or those that believe they may have found a loophole.
Concerning the latter, there is an important mantra that such DME and pharmacy providers should remember and live by: “[W]hat a provider cannot do directly, it cannot do indirectly through an intermediary.”
Marketing for DME – What exactly am I talking about?
DME providers enrolled with CMS (should) know they cannot solicit or ‘cold call’ Medicare Part B beneficiaries, per the Federal Anti-Solicitation Statute, and that they cannot offer anything of value to a potential patient that could induce them to utilize them as a provider, in accordance with the Beneficiary Inducement Statute.
Multiple health care businesses have scored wins this year in their fight to prevent CMS from recouping payments before having an opportunity for an Administrative Law Judge (ALJ) hearing. The similarity? They each sought a temporary injunction in federal court. Arguing that the alleged recoupments would cause the businesses to close, employees to lose their jobs and patients would be forced to change their providers, the businesses were granted temporary injunctions enjoining CMS from starting recoupment until the ALJ appeal stage had reached a conclusion.
The Office of Inspector General (OIG) announced the launch of a new tool on its website titled the “Fraud Risk Indicator”. The OIG has stated that the purpose for the tool is to provide guidance on how it has evaluated risk in settling False Claims Act (FCA) cases and to publicize information about where FCA defendants fall on the OIG’s risk spectrum. This tool can benefit patients, healthcare industry professionals and other individuals who may find this information relevant. This tool will also benefit the public with information about providers charged under the FCA that are at high risk for committing healthcare fraud. The Indicator shows the Risk Spectrum from Highest Risk to Lower Risk.
Private money (e.g. private equity) is in full swing purchasing medical practices with large profit margins (e.g. dermatology). This is NOT the same thing as when physician practice management companies (PPMCs) bought practices the 90s. Back then, the stimulus for the seller was (a) uncertainty re practice profits in the future, and (b) the stock price. Selling practices got some or all of the purchase price in stock, with the hopes the purchasing company stock would far exceed the multiplier applied to practice “earnings” (the “multiple”). Buyers promised to stabilize and even enhance revenues with better management and better payer contracting. If the optimism of the acquiring company and selling doctors was on target, everyone won because the large stock price made money for both the buyer and seller. The private equity “play” today is a little different.
Today’s sellers are approaching the private equity opportunity the same way they did with PPMCs, except for the stock focus since most private equity purchases don’t involve selling doctors obtaining stock. Sellers hope their current practice earnings will equate to a large “purchase price.” And they hope the buyer have better front and back office management that will result in more stable and even enhanced earnings. And for this, the private equity buyer takes a “management fee,” which they typically promise (though not in writing) to offset with enhanced practice earnings.
It has been a busy autumn for the enforcement of health care privacy rights. Recent activities range from settling the claim for the largest HIPAA violation in US history, to penalties imposed for filming TV shows, to actions initiated by state governments. All of these actions confirm the serious position taken by regulators nationwide to protect the privacy of protected health information (PHI).
The Big One
On October 15, 2018, Anthem, Inc., an independent licensee of Blue Cross, paid $16 million to settle its claim with the HHS Office of Civil Rights (OCR), for a breach that compromised the PHI of 79 million people. This was the largest reported breach in history. The PHI breach occurred in 2015, when hackers initiated a “spearfishing” attack via fraudulent emails. The government found that Anthem lacked appropriate information system procedures to identify and respond to security breaches, and minimum access controls to stop these kinds of attacks.
In addition to the financial penalty, Anthem agreed to a corrective action plan, in which it agreed to perform a risk analysis, and incorporate the results of the analysis into its existing processes, in order to achieve a “reasonable and appropriate level” of HIPAA compliance.
This settlement is in addition to the $115 million settlement Anthem reached last year with the victims of the breach.
Health law is the federal, state, and local law, rules, regulations and other jurisprudence among providers, payers and vendors to the healthcare industry and its patient and delivery of health care services; all with an emphasis on operations, regulatory and transactional legal issues.