Health Law Advisor

Since the passage of the Medical Device Amendments of 1976, FDA has regulated in vitro diagnostic (IVD) tests as medical devices, subject to a full suite of FDA requirements.  During that time, FDA has also asserted that it has the authority to regulate in-house tests developed and performed by CLIA-certified, high-complexity clinical laboratories (generally referred to as laboratory-developed tests or LDTs) but chose as a matter of enforcement discretion not to regulate LDTs.  Over time, the Agency chipped away slowly at LDT enforcement discretion, carving out certain kinds of tests (e.g., direct-to-consumer LDTs) and thus making them subject to regulation, but by and large did not take broad steps to regulate LDTs.

Establishing and maintaining effective systems to protect sensitive personal data and confidential business information from outside interference while also assuring that privacy interests are protected is among an organization’s highest priorities. Our security and privacy team at Epstein Becker & Green has written extensively about the guidance and best practices issued by federal and state regulatory and enforcement agencies. Execution, monitoring and continually updating these preventive practices define an organization’s first line of defense. But what happens in the event that an organization actually suffers a breach? Is there guidance that might be available, particularly to healthcare organizations, to deal with continuity and disaster planning (BC/DR) directed towards assuring resilience and recovery in the event of a potentially-disastrous cyberattack?

Much like the ambiguous landscape involving cannabidiol (CBD) products on the consumer market, an influx of delta-8 THC containing products for consumption has highlighted a recurrent regulatory issue surrounding the legality of hemp derived products at the federal level. The Agricultural Improvement Act of 2018 (the “2018 Farm Bill”), which, among other things, offered a federal definition of hemp and removed it from the list of Schedule I controlled substances, specifically carved out hemp derived products with less than 0.3% delta-9-tetrahydocannabinol (THC) on a dry weight basis, thereby allowing products that meet this definition to flood the consumer markets.

Connecticut becomes the fifth state to pass a comprehensive privacy law. Are you prepared for state privacy law compliance required in 2023?

The success of an artificial intelligence (AI) algorithm depends in large part upon trust, yet many AI technologies function as opaque ‘black boxes.’ Indeed, some are intentionally designed that way. This charts a mistaken course.

On April 20, 2022, the Department of Justice (DOJ) announced a nationwide coordinated enforcement action targeting COVID-19-related fraud involving charges against 21 individuals across nine federal districts, and over $149 million in alleged false claims submitted to federal programs.[1]

This marks the first significant DOJ enforcement action since Attorney General Merrick Garland named Associate Deputy Attorney General Kevin Chambers as the Director for COVID-19 Fraud Enforcement on March 10, an appointment President Biden previewed in his State of the Union address on March 1.

Overview

In this month’s post, in the medical device realm I explore what kinds of inspection citations most often precede a warning letter.  In this exercise, I do not try to prove causation.  I am simply exploring correlation.  But with that caveat in mind, I think it’s still informative to see what types of inspectional citations, in a high percentage of cases, will precede a warning letter.  And, as I’ve said before, joining two different data sets – in this case inspectional data with warning letter data – might just reveal new insights.

On April 14, 2022, the Centers for Medicare & Medicaid Services (CMS) issued new guidance on the Independent Dispute Resolution (IDR) process, created under the No Surprises Act (NSA) to provide a mechanism for payers and providers to resolve disputes as to appropriate payment amounts for certain out-of-network claims. In addition, the Departments of Health and Human Services, Labor and the Treasury launched two online portals– one to host the IDR process for providers and payers and one to host the patient-provider dispute resolution process for self-pay and uninsured patients.

This new guidance replaces earlier instruction from the agency on how the IDR process would operate and what the independent arbitrator was required to consider. The prior guidance was withdrawn after a successful legal challenge to the interim final rule implementing the No Surprises Act provisions on the IDR process, specifically with respect to the weight to be given to the Qualifying Payment Amount (QPA). The QPA is essentially the payer’s median contracted rate for similar services. The QPA is used to calculate patient cost sharing and must be considered by the independent arbitrator in resolving a payment dispute between a payer and an out-of-network provider. Initially, regulators directed arbitrators to use the QPA as a baseline, and when choosing between the parties’ proposed payment offers to choose the amount closest to the QPA unless one of the parties submitted credible information demonstrating that the appropriate payment amount was materially different from QPA.

In this episode of the Diagnosing Health Care Podcast:  What has contributed to the biotechnology industry’s explosive growth over the last several years? In this episode, special guests Don and Lisa Drakeman, two former CEOs of biotech companies, reflect on what it takes to succeed, the regulatory challenges they have faced, and how current events are shaping the future of the industry.

On April 11, 2022, the Drug Enforcement Administration (DEA) released a final rule which amends DEA regulations to now require all applications for DEA registrations, and renewal of those registrations, to be submitted online. The final rule is effective May 11, 2022.

On January 7, 2021, DEA published a notice of proposed rulemaking (NPRM) that proposed requiring that all applications for DEA registrations, and renewal of those registrations, be submitted online. DEA is promulgating this rule as proposed in the NPRM with one exception: DEA is clarifying that Automated Clearing House (ACH) fund transfers will be accepted as payment for registrations and renewals.