Telemedicine pharmacy arrangements continue to be of significant interest to fraud enforcement. A 2018 case in which four individuals and seven companies were indicted ended in a month-long jury trial of one of the individuals, a Florida pharmacy owner. The federal jury trial in the billion-dollar telehealth pharmacy fraud scheme resulted in conviction on 22 counts of mail fraud, conspiracy to commit health care fraud and introduction of misbranded drugs into interstate commerce. Sentencing in the case is set for May of 2022. Other co-conspirators entered plea agreements along the way, pleading guilty to various charges including felony conspiracy to commit health care fraud, felony misbranding, conspiracy to commit wire fraud, and fraudulent telemarketing of dietary supplements, skin creams and testosterone. Many of these are still awaiting sentencing, also expected to be scheduled sometime in 2022.
The scheme involved several individuals, compounding pharmacies and telemarketers engaged in a conspiracy to commit health care fraud, mail fraud and introducing misbranded drugs into interstate commerce. Peter Bolos, along with two other co-conspirators, owned and operated Synergy Pharmacy in Palm Harbor, Florida. Working with HealthRight, a telemarketer, the co-conspirators generated prescriptions for drugs such as pain creams, scar creams, and vitamins. Using the HealthRight telemarketing platform, they would call consumers and deceive them into providing their personal insurance information and accept the drugs. HealthRight then communicated the prescription requests to physicians who authorized the prescriptions without ever interacting with the patients, and paid those physicians for issuance of the prescriptions. Through this scheme, the co-conspirators were able to solicitate insurance coverage information from consumers across the county for prescription pain creams, fraudulently obtain prescriptions, mark up the prices of the drugs and bill private insurance carriers.
Almost two years after “Operation Brace Yourself” regarding purported telemedicine and orthotic bracing fraud made national headlines, on February 4, 2021 the Department of Justice Announced that a major player in that fraud – Florida businesswoman Kelly Wolfe – recently pled guilty to criminal health care and tax fraud charges.
Operation Brace Yourself was a 2019 crackdown on the illegal use of telemarketing and telemedicine to generate fraudulent claims for DME orders, whose reach spanned continents and ultimate implications defrauded taxpayers out of billions of dollars.
According to the Department of Justice Press Release and Settlement Agreement, Mr. Wolfe was seemingly a significant mastermind in establishing hundreds of DME companies that went on to defraud US taxpayers and Medicare beneficiaries.
Here are some highlights of the recently signed Settlement Agreement between the United States DOJ, Kelly Wolfe and her company Regency, Inc.
On January 31, 2020 the US Department of Health and Human Services (“HHS”) declared a public health emergency surrounding the COVID-19 coronavirus pandemic, which was renewed again for a period of 90 days effective July 25, 2020.
In an attempt to focus on patients over paperwork and to remove obstacles from access to patient care, HHS relaxed or suspended certain healthcare provider requirements. Several such changes directly impact current or prospective providers of durable medical equipment (“DME”) to Medicare Part B beneficiaries.
Here’s a high-level breakdown of some of those changes:
On June 30, 2020, State Surgeon General, Scott A. Rivkees, M.D., issued Emergency Order (“EO”) 20-011, which further extends EO 20-002 until the expiration of the Governor’s Executive Order No. 20-52, or any extensions thereof. Thus, EO 20-011 continues to allow out-of-state MDs, DOs, APRNs and PAs, to offer telehealth services to persons in Florida.
EO 20-011 continues to allow Florida licensed controlled substance prescribers (MDs, DOs, APRNs, PAs) to issue renewal prescriptions of controlled substances for non-malignant pain for existing patients. Additionally, EO 20-011 extends a qualified physician’s ability to recertify an existing qualified and certified patient’s continued use of medical marijuana using telehealth services. These further extensions are also tied to the expiration of Executive Order 20-52 and any extension thereof.
I recently wrote an article titled The Top Five Legal Concerns When Developing a Healthcare App, and I received some follow up questions, including technical queries about encryption and data sharing. To answer these questions, it is important to understand the current Healthcare App state of affairs. Various reporters, governmental agencies and privacy watchdogs have installed and monitored the flow of data from Healthcare Apps installed on smart phones. These journals, articles and enforcement actions taken together provide a roadmap for Do’s and Don’ts for the sharing of data.
Almost all Healthcare Apps are free and have some disclosures about how they share your data, and both iOS and Android require the user to give permission to the newly installed App, but who really pays attention to that? Almost no one. However, this doesn’t mean that an App developer shouldn’t embrace best practices to avoid liability and bad press.
Today no one can live without a smart phone, and we interact with the rest of the world through a series of apps that reside on our handheld devices. From the healthcare perspective many large healthcare institutions and private companies have developed a myriad of healthcare related apps that currently reside in Apple’s App Store and Googles Play Store. You can measure your heart rate, get clinical advice, view your records, check on your health insurance coverage, make appointments and virtually interact with many different types of healthcare providers. But even in today’s hyper-electronic society it took COVID-19 to really cause an explosion in telehealth, so what does that tell us? There is a lot more room for expanding electronic interactions with patients and clients through Apps. So, here are the top five legal concerns should you address when you develop a Healthcare App:
The COVID-19 virus has and will probably continue to change the way healthcare providers and business associates interact and help their patients. As many providers are aware, a HIPAA violation is a serious issue, and can cost a healthcare entity large amounts of time and money to respond to any regulatory investigation. Recognizing that the COVID-19 pandemic has strained every corner of the economy and is THE MOST IMPORTANT issue for almost every industry, the federal government has rolled back some HIPAA protections. It is unclear how long these rollbacks will last, and it is possible that some of them may be permanent, but for now healthcare providers and their business associates can take some comfort that they can focus on delivering care and not dealing with overly burdensome regulations and investigations. The major changes include:
Telehealth. Changes include allowing physicians and other healthcare providers to offer telehealth services across State lines, so State licensing issues should not be a concern. Additionally, Providers are essentially free to choose almost any app to interact with their patients, even if it does not fully comply with the HIPAA rules. The HHS allows the provider to use their business judgment, but of course, such communications should NOT be public facing – which means DO NOT allow the public to watch or participate in the visit!
Disclosures of Protected Health Information (PHI). A good faith disclosure of such information will not be prosecuted. Examples include allowing a provider or business associate to share PHI for such purposes as controlling the spread of COVID-19, providing COVID-19 care, and even notifying the media, even if the patient has not, or will not grant his or her permission.
Business Associate Agreement (BAA). As most healthcare providers know, a BAA agreement between a provider and an entity that may have access to PHI is required by law. During the COVID-19 pandemic, the lack of a BAA is not an automatic violation.
Earlier today, Governor DeSantis issued Executive Order 20-144 extending the State of Emergency declare in Executive Order 20-52 for another 60 days. Pursuant to the extension of Executive Order 20-52, the State Surgeon General’s Order 20-003 is also extended another 60 days as its expiration is tied to the expiration of Executive Order 20-52. Thus, telehealth providers from other states with valid and unencumbered licenses may continue to provide telehealth services to persons in Florida without registering with the Department of Health. Telehealth services must still be provided using two-way audio and video communications. Audio-only telephone calls are not permitted under Florida’s existing telehealth statute and have not been waived or suspended via the State Surgeon General’s Orders.
The new rules and temporary waivers to help combat the COVID-19 pandemic seem to be changing everyday and questions about telemedicine seem to be flying in. Even though CMS has created some flexibility during this incredibly uncertain time telemedicine laws remain tricky and one size does not fit all! Join Attorney Susan St. John of the Florida Healthcare Law Firm for this informative presentation and get questions answered about the new rules, the setup basics, the billing recommendations and the potential pitfalls.
Health law is the federal, state, and local law, rules, regulations and other jurisprudence among providers, payers and vendors to the healthcare industry and its patient and delivery of health care services; all with an emphasis on operations, regulatory and transactional legal issues.