2013 Health Law Year in Review: 13 Notable Changes in Health Law in 2013

This past year has seen some of the biggest changes for health care providers in recent memory.  While the shutdown of the federal government and the rollout of HealthCare.gov made headlines around the country in 2013, many additional important recent health law developments have impacted, or will impact, your hospital or health system just as much, if not more. Below, our attorneys have compiled thirteen notable health law changes and developments for 2013.  As the new year begins, the attorneys at Hall, Render, Killian, Heath & Lyman will continue to monitor, analyze and interpret future developments as they arise.

1.  Taxpayer Relief Act of 2012 Extends Medicare Overpayment Recovery Period

On January 2, 2013, President Obama signed into law the Taxpayer Relief Act of 2012 (the “Act”).  The Act contains a provision that extended the time period for the collection of overpayments made “without fault” (that is to say, in the absence of evidence of fault of the provider or beneficiary) from three years to five years after the calendar year in which the payments were made.

The Act does not change the period in which the Centers for Medicare and Medicaid Services (“CMS”) or a Medicare contractor may reopen an initial determination, redetermination or final determination.  Nor does it affect a health care provider’s obligation to report and return an overpayment within 60 days after the date on which the overpayment is identified or the date any corresponding cost report is due, if applicable, as provided for under the Patient Protection and Affordable Care Act.  The full text of the Act is available here.

2.  HITECH Final Rule Makes Sweeping Changes to HIPAA

On January 17, 2013, the U.S. Department of Health and Human Services (“HHS”) announced the issuance of the final rule (the “Rule”) arising from the Health Information Technology for Economic and Clinical Health Act (“HITECH”).  The Rule implements changes made to the Health Information Portability and Accountability Act (“HIPAA”) Privacy and Security Rules by HITECH. The Rule became effective March 26, 2013, and compliance with most provisions was required on September 23, 2013.

The Director of the HHS Office for Civil Rights (“OCR”), Leon Rodriguez, was quoted as saying the Rule “marks the most sweeping changes to the HIPAA Privacy and Security Rules since they were first implemented.”  Mr. Rodriguez also specifically noted that the Rule will strengthen OCR’s ability to “vigorously enforce the HIPAA privacy and security protections, regardless of whether the information is being held by a health plan, a health care provider or one of their business associates.”  The Rule can be found . Highlights of the Rule include the following:

• Expands the definition of “Business Associate” to include patient safety organizations, health information organizations and e-prescribing gateways that require routine access to protected health information (“PHI”), vendors of personal health records and data storage companies that provide services on behalf of a covered entity and subcontractors of Business Associates;
• Extends direct liability for compliance with the HIPAA Security Rule and certain aspects of the HIPAA Privacy Rule to Business Associates.  Thus, Business Associates are now required to implement administrative, physical and technical safeguards to protect electronic PHI per the Security Rule;
• Modifies the breach notification requirements by moving from a “risk of harm” standard to a “probability of compromise” standard, such that a Covered Entity must now presume each impermissible use or disclosure of PHI requires notification unless there is a low probability the PHI has been compromised as determined by a risk assessment;
• Expands HIPAA’s enforcement provisions, including applying penalties directly against Business Associates and increasing the annual penalty cap to $1.5 million depending on level of culpability;
• Clarifies an individual’s right to obtain restrictions on disclosures of PHI to health plans for services paid out-of-pocket in full.  Covered Entities need not maintain separate medical records for PHI subject to a required restriction, but the Covered Entity must take steps to ensure the information is not inadvertently sent or made accessible to the health plan;
• Requires Covered Entities that maintain medical records electronically to provide an individual with a copy of his or her medical records (or a summary or explanation thereof if agreed to by the individual) in electronic format if requested by the individual and if the records are readily producible in that format;
• Expands the scope of what must be included in the mandatory notice of privacy practices (e.g., a Covered Entity must include a statement notifying individuals:  (i) that they will be notified of a breach of unsecured PHI; (ii) of the changes to their right to request restrictions and their right to access; and (iii) of their right to opt out of fundraising communications);
• Clarifies the new limitations on the use and disclosure of PHI for fundraising and marketing;
• Streamlines an individual’s ability to authorize the use of his or her information for research purposes; and
• Amends the definition of “health information” in the Privacy Rule to specifically include “genetic information” in order to make the HIPAA Privacy Rule more consistent with the Genetic Information Nondiscrimination Act.

OCR continued its more aggressive HIPAA enforcement in 2013 by entering into four Resolution Agreements with Covered Entities of various types.

3.  CMS Issues Physician Payment Sunshine Act Final Rule

On February 1, 2013, CMS unveiled the final rule implementing the Physician Payment Sunshine Act (“Sunshine Act”).  With a goal of decreasing the potential for conflicts of interest in health care, the Sunshine Act requires drug, biological and medical device manufacturers (“Applicable Manufacturers”) to annually disclose payments they make to physicians and teaching hospitals (“Covered Recipients”) when related to certain products.

It also requires Applicable Manufacturers and group purchasing organizations to disclose certain ownership and investment interests held by Covered Recipients and their immediate family members.  CMS will post these disclosures to a website that the general public may access.  Payments or other transfers of value to Covered Recipients that must be reported by Applicable Manufacturers and commonly-owned entities include consulting fees, honoraria, gifts, travel, entertainment, research, charitable contributions, royalties or licenses, grants and food.  Examples of exceptions to the reporting requirements include items valued at under $10 ($100 annual aggregate), product samples and educational materials intended for patient use or benefit and the loan of a device for a trial period not to exceed 90 days in one year.

CMS’s Sunshine Act final rule provides additional clarification on who must report, what must be reported, mechanisms for reporting and editing data, payment classification and dispute resolution. The final rule can be found here.

4.  OIG Updates Its Self-Disclosure Protocol

On April 17, 2013, the Department of Health and Human Services Office of Inspector General (“OIG”) issued an updated version of a self-disclosure protocol (“Protocol”) originally published in 1998.  The original Protocol established a process for health care providers to voluntarily identify, disclose and resolve instances of potential fraud involving federal health care programs, particularly with respect to potential violations of the federal Anti-Kickback Statute (“AKS”) and the employment of, or contracting with, excluded persons.  The updated Protocol replaces the original 1998 version of the Protocol and also supersedes three open letters to the health care industry (published in 2006, 2008 and 2009), which provided further guidance on the disclosure process.

Significant changes and clarifications in the updated Protocol include the following:

• Disclosing parties are expected to disclose with a good faith willingness to resolve all liability within the Civil Monetary Penalties (“CMPs”) Law’s six-year statute of limitations;
• Overpayment reporting and repayment obligations under the 60-day refund requirement are suspended pending settlement, withdrawal or removal from the Protocol;
• OIG believes persons using the Protocol deserve to pay a lower multiplier on single damages than would otherwise be assessed in resolving a government-initiated investigation.  OIG’s general practice is to require a minimum multiplier of 1.5 times the single damages, though it reserves the option to require a higher multiplier;
• OIG reaffirmed that its general approach for resolving potential AKS violations is to apply a multiplier to the remuneration conferred by the disclosing party to the entity or individual making the referral versus basing the penalty calculation on the amount of money paid by the federal health care programs for services resulting from the potential violation; this change is very significant and can mean the difference between a settlement of thousands of dollars as opposed to a settlement of millions of dollars;
• $10,000 is the minimum settlement amount for disclosures that do not involve potential AKS violations (AKS-related submissions remain subject to a $50,000 minimum settlement amount);
• The OIG reaffirmed its presumption against requiring a corporate integrity agreement when resolving disclosed conduct;
• Disclosing parties already subject to a government inquiry are not automatically precluded from using the Protocol;
• Billing-related disclosures must use a sample of at least 100 units and use the mean point when estimating damages;
• OIG expressly affirmed that all health care providers, suppliers or other individuals or entities subject to OIG’s CMP authorities, including pharmaceutical and medical device manufacturers, are eligible to use the Protocol;
• Disclosures may be submitted through OIG’s website;
• Before disclosing the employment of an excluded individual, a disclosing party must screen all current employees and contractors against the List of Excluded Individuals and Entities (“LEIE”). If other excluded persons are identified, the disclosing party must disclose this in one submission;
• OIG will coordinate with the Department of Justice to resolve any potential false claims liability;
• Stark Law-only violations cannot be resolved through the OIG Protocol; and
• Disclosing parties should identify important miscellaneous concerns such as portions of their submissions that may be exempt from public disclosure under the Freedom of Information Act, any refunds of overpayments already paid to the federal health care programs and any potential inability to pay the anticipated settlement amount.

The OIG’s Updated Provider Self-Disclosure Protocol may be found here.

5.  OIG Updates Its 1999 Special Advisory Bulletin Addressing Exclusion 

On May 8, 2013, OIG issued an updated version of its 1999 Special Advisory Bulletin on the Effect of Exclusion from Participation in Federal Health Care Programs (“Updated Bulletin”).  When OIG excludes an individual or entity, federal health care programs will not pay for any item or service that the excluded individual or entity furnished, ordered or prescribed.

This prohibition is not limited to direct patient care. The payment ban applies to all methods of payment, including, but not limited to, payments derived from itemized claims, cost reports, capitated payments, fee schedules and bundled payments such as the prospective payment system. The Updated Bulletin clarified that the payment prohibition applies even when the payment is made to a non-excluded provider.  Therefore, laboratories, imaging centers, durable medical equipment suppliers and pharmacies that furnish items and services on the basis of orders or prescriptions written by excluded providers could be subject to CMP liability.  Entities that employ or enter into contracts with an excluded individual or entity for the provision of items or services to federal health care program beneficiaries are also subject to CMPs.

In the Updated Bulletin, the OIG provided the following examples of items or services that may subject an employer or contractor to CMP liability if an excluded individual or entity provides such items or services:

• Services performed by an excluded nurse, where such services are related to administrative duties, preparation of surgical trays or review of treatment plans, even if the nurse does not furnish direct care to the beneficiary;
• Services performed by excluded pharmacists or other excluded individuals who input prescription information for pharmacy billing or who are involved in any way in filling prescriptions for drugs;
• Transportation services, such as ambulance drivers or ambulance company dispatchers;
• Services performed by an excluded administrator, billing agent, accountant, claims processor or utilization reviewer;
• Administrative and management services – an excluded individual may not serve in an executive leadership role, such as chief executive officer, chief financial officer, general counsel, director of human resources or physician practice office manager; and
• Items or services furnished by an excluded individual who is a volunteer serving without pay from the provider, thus the excluded provider need not be paid by the billing contractor for CMP liability to attach.

OIG also clarified that a provider that receives federal health care program payments may employ or contract with an excluded person only in limited situations.  For example, if federal health care programs do not pay, directly or indirectly, for the items or services being provided by the excluded individual, then a provider that participates in federal health care programs may employ or contract with an excluded person to provide such items or services.  Of course, it may not always be obvious which services are indirectly paid by a federal health care program, so providers must exercise extreme caution when considering engaging or employing any excluded individual or entity.  A provider that employs or contracts with an excluded person to furnish items or services solely to non-federal health care program beneficiaries also would not be subject to CMP liability. OIG advised that a provider need not maintain a separate account from which to pay an excluded person, as long as no claims are submitted to or payment is received from federal health care programs for items or services that the excluded person provides and such items or services relate solely to non-federal health care program patients.

OIG reaffirmed its position that providers have a duty to screen certain individuals and entities against the LEIE before the provider employs or contracts with such individuals or entities.  Indeed, it recommends (but does not require) providers to screen individuals and entities on a monthly basis, noting that, “screening employees and contractors each month best minimizes potential overpayment and CMP liability.”  The Updated Bulletin acknowledges that while certain providers appear to rely on contractors to screen the contractor’s own employees against the LEIE, the provider ultimately is responsible for any overpayment liability related to items or services provided by excluded contractor employees. Likewise, the Updated Bulletin indicates that the provider may be liable for CMPs if it did not ensure that its contractor was adequately screening its own employees against the LEIE.

Finally, providers that identify potential CMP liability, on the basis of the employment of, contracting with or arranging with an excluded person, may use OIG’s Provider Self-Disclosure Protocol to disclose and resolve the potential CMP liability (see Section 4 above).  The Updated Bulletin can be found here.

6.  Government Shutdown’s Effect on Health Care; Permanent Repeal of the SGR Still in Doubt

In the early morning of October 1, 2013, the federal government was partially closed after Senate Democrats refused to give in to demands from House Republicans that provisions in the Affordable Care Act (“ACA”) be delayed for one year and existing temporary government funding legislation expired.  The partial shutdown resulted in the furlough of “nonessential” government employees, including those working at CBO, OMB and CMS.  While Medicare payments to providers and beneficiaries were not interrupted, the shutdown brought a temporary halt to work on the annual physician fee, home health and dialysis rules.  Meanwhile, on Capitol Hill, work on health care-related legislation, like permanent repeal of the Medicare physician payment formula known as Sustainable Growth Rate (“SGR”), ceased when congressional staff were sent home.

By the second week of the shutdown, House Republicans had abandoned their ACA delay demands and agreed to a deal that would fund the government at FY 2013 sequester spending levels through January 15, 2014. The measure also raised the federal “debt ceiling” until mid-February of 2014 and instructed the chairs of the House and Senate Budget Committees, Rep. Paul Ryan (R-WI) and Sen. Patty Murray (D-WA), to begin working on the framework of a potential long-term budget agreement.  Shortly after President Obama signed the funding measure into law, staff at federal health agencies returned to work on the outstanding payment rules, which were eventually issued without delay.

Throughout the fall, the hope that lawmakers would finally pass legislation to permanently repeal the SGR formula continued to grow.  While permanent SGR repeal bills were unanimously passed by the Senate Finance and House Ways and Means committees, neither of those measures included provisions to cover the associated $116 billion cost.  In mid-December, Congress passed the Ryan/Murray budget agreement that funds the government for the next two years. Although the legislation avoids the deep sequester cuts that were set to affect many programs, the Medicare sequester cuts remain at 2.0% and will be extended two years to 2023. Since Congress was unable to agree on how to pay for permanent SGR repeal before the end of 2013, the budget agreement provides for a three-month “doc fix” as lawmakers prepare to address permanent reform again when they return in 2014.

7.  Health Insurance Exchanges Under the ACA: The Troubled Launch of HealthCare.gov

On October 1, 2013, the federal health insurance exchange opened for business at HealthCare.gov but was plagued by huge access and information technology (“IT”) problems.  These problems made enrollment nearly impossible for many people ready, willing and able to purchase a qualified health insurance plan online.  Multiple bugs and server failures resulted in the inability to access the site, very long wait times, duplicate enrollments or cancellation notices, mistakes involving federal subsidies and a host of other problems.   What followed was a government and private contractor IT blitz during November and December to correct the many problems with the website as well as rampant political criticism of the Obama administration for not ensuring that the website was ready to go live on opening day.  Because of trouble with the federal website, many people were encouraged to apply for coverage using paper applications.  As of mid-December 2013, between 50,000 and 60,000 of these paper applications had not been processed.  Individuals were also encouraged to enroll by telephone and at in-person centers located in every state.

The federal health insurance exchange springs from the ACA, which required most individuals to acquire minimum health insurance coverage by January 1, 2014 or pay a penalty.  To facilitate this near-universal coverage mandate, the ACA provided for the development of health insurance exchanges to serve as one-stop marketplaces where individuals and small employers could shop for health coverage.  Health plans participating in the exchanges are accredited for quality and present their benefit options in a standardized manner for easy comparison.  States had the option to establish their own exchanges, provide an exchange in collaboration with the federal government or default to the federal exchange.   Seventeen states plus Washington, D.C. opted to run their own exchanges.  The federal government runs the insurance exchanges of twenty-seven states.  Six states have hybrids.  Caveat: In three states of fifty, the federal government operates an exchange for individual buyers while the state operates a separate exchange for small businesses buying coverage (the so-called SHOP option).

Initially, people had to sign up for health insurance by December 15, 2013 to be guaranteed coverage by January 1, 2014.   However, because of HealthCare.gov’s troubled launch in November, the date was moved back to December 23.  In early December, the administration began urging insurance companies to accept enrollments as of January 1 that are made as late as December 31 and even to permit retroactive coverage for those who sign up after January 1.

Currently, HealthCare.gov is up and running.  According to a HealthCare.gov blog entry by Julie Bataille of CMS, as of December 6, 2013, more than 3.7 million consumers had visited HealthCare.gov during the previous week (ending on noon, December 6) to peruse insurance options, create an account, learn about financial assistance and select a plan.  For this same week, the site was “stable” and experienced no “unscheduled downtimes.” The average error rate was 0.77% and response time averaged under one second.   According to a December 11, 2013 press release from HHS, nearly 365,000 individuals had selected plans from the state and federal marketplaces by the end of November.  Further, enrollment in the federal marketplace in November was more than four times greater than October’s reported federal enrollment number. The press release can be found here.

Notwithstanding the improvements in the website’s operations, one serious shortcoming that continues to plague the federal exchange is the absence of a built-in payment mechanism.  This means that individuals who have succeeded in enrolling in plans on the federal exchange have not actually purchased the plans because no money has changed hands.  In other words, currently, the exchanges are equipped to connect people with insurance carriers but not to facilitate payment.  As a result, people may think they have insurance when they actually do not if they haven’t arranged to make a premium payment outside HealthCare.gov.  Estimates range from 5% to 15% for people who have technically signed up to join a plan but who have not actually completed the process by making payment to the insurer selected.  Some commentators are speculating that come the drop-dead premium payment deadline date, there will be people who are uninsured even though they will have made a good faith effort to enroll.

Another weakness of the health insurance marketplace is typified by the experience of Connecticut, a state-run exchange.  On October 21, 2013, President Obama singled out the Connecticut exchange as being particularly successful in its start-up weeks.  Later, the Hartford Courant pointed out that during October, the exchange gave faulty information about the deductibles and co-insurance requirements of every single individual insurance plan (totaling 19 plans!) on the CT exchange. Thus, problems are not limited to the federal website.

In summary, 2013 marks the year of the bungled rollout of HealthCare.gov.  While the site has improved, more work remains and will undoubtedly continue in 2014.

8.  Government Dishes Out New DSH Payment Formula

The ACA significantly changed the methods for determining Medicare disproportionate share hospital (“DSH”) payments.  Effective for Federal Fiscal Year (“FFY”) 2014 (thus, starting October 1, 2013), only 25% of DSH payments (“Empirically Justified DSH Payments”) will be determined under the previous formula.  For FFY 2014, CMS estimates DSH payments under the old formula would have been $12.772 billion, so the Empirically Justified DSH Payments will be: $12.772 x .25 = $3.193 billion.

Hospitals eligible for the Empirically Justified DSH Payments will also receive a second form of DSH payment deemed “Payment for Uncompensated Care.”  A hospital’s Payment for Uncompensated Care is calculated based on three factors.  The first two factors establish an uncompensated care pool, and the third factor determines the share of that limited pool given each hospital.

Factor 1:  75% of DSH payments to all hospitals if the formula had not been changed.  This starting part is simply the remainder of the 25% for Empirically Justified DSH Payments discussed above.  For FFY 2014, it is $12.772 billion x .75 = $9.579 billion.

Factor 2:  Factor 1 multiplied by the percent change in uninsured from 2013.  This factor reduces the uncompensated care pool on theory that DSH payments are less needed with a higher proportion of the nation insured.  CMS claims the number of uninsured will go down about 5.7%, making this factor 0.943 for FFY 2014 and leaving $9.579 billion x 0.943 = $8.217 billion in the uncompensated share pool to be divided up per Factor 3.

Factor 3:  The hospital’s share of uncompensated care costs as compared to uncompensated care costs for all hospitals nationwide.   This factor divides the uncompensated share pool in a budget neutral manner among hospitals based on the amount of uncompensated care they provide.  Because CMS claims it does not yet have reliable means to determine hospital uncompensated care, for FFY 2014 CMS will use Medicaid Patient days and Medicare SSI days as proxies for uncompensated care.

Determination of the three factors is not subject to administrative or judicial review.

DSH payments will be lower under the new approach and should go down in future years.  Further, hospitals will, generally, no longer be able to appeal DSH issues.  Finally, because the Factor 3 proxy variables for uncompensated care includes Medicaid patients, hospitals in states not expanding Medicaid will be at a disadvantage for their share of the pool compared to hospitals in states expanding Medicaid.

Health law reimbursement attorneys have described the new DSH Payment Formula as a “biggie” for hospitals.

9.  New Payment Policy Plus New Benchmark Equals Reduced Extended Observation Care

CMS Finalized Rule Providing for Additional Part B Payment to Hospitals Denied Part A Inpatient Payment

Under a new provision of the 2014 acute care hospital and long-term care hospital inpatient prospective payment system final rule made effective on October 1, 2013 (“2014 IPPS Final Rule”), if a Medicare Part A claim for inpatient hospital services is denied because the inpatient admission was deemed not reasonable and necessary, or if a hospital on post-discharge self-audit finds an inpatient admission was not reasonable and necessary, the hospital (including a critical access hospital) may submit a subsequent Part B inpatient claim for many additional services not previously covered, if such services would have been reasonable and necessary had the Medicare beneficiary been treated as a hospital outpatient, rather than admitted as an inpatient, unless those services specifically require an outpatient status (e.g., observation services require an outpatient status).

This new provision in the 2014 IPPS Final Rule reversed a long-standing and much-criticized previous payment policy that permitted hospitals to bill “Part B inpatient” for only the very limited set of largely ancillary inpatient services set forth in Section 10, Chapter 6 of the Medicare Benefit Policy Manual.  As a result of the old payment policy, hospitals were critically underpaid for reasonable and necessary services rendered, just because the patient was improperly designated an inpatient instead of an outpatient.  The new payment policy promotes fairer reimbursement to hospitals.  It also protects beneficiaries insofar as hospitals less worried about the financial consequences of a denied inpatient admission may be more willing to admit to inpatient when clinically appropriate; inpatient admission is often more cost effective for beneficiaries who will not have to pay outpatient co-payments. The 2014 IPPS Final Rule can be found here.

Paul Revere’s 2-Midnight Rule

Under a different provision of the 2014 IPPS Final Rule, CMS finalized the “2-midnight rule” to provide physicians and hospitals with clear guidelines for determining the appropriateness of an inpatient hospital admission.  The 2-midnight rule and the new policy permitting additional Part B inpatient payments for hospitals denied Part A payment were intended to work together to reduce the frequency of inappropriate extended observation care (and its attendant financial burdens on beneficiaries) and to reduce inappropriate hospital admissions and hospital inpatient claim denials.

The 2-midnight rule is made up of two distinct components:

• Under the 2-midnight benchmark, if the physician admits a Medicare beneficiary as an inpatient based on his/her expectation that the beneficiary will require care that “crosses 2 midnights,” Medicare Part A payment is “generally appropriate.”  Under the benchmark, the admitting physician should consider all time spent at the hospital, including time spent receiving initial outpatient services, when estimating the beneficiary’s total expected length of stay.  If the physician does not expect the patient’s need for care to extend across 2 midnights, the general rule of thumb is that the patient should be treated as an outpatient.
• Under  the 2-midnight presumption, a Medicare external review contractor auditing a medical record will presume that an inpatient hospital admission is reasonable and necessary (and therefore payable under Part A) if a beneficiary’s inpatient stay crossed 2 midnights, and the beneficiary received medically necessary services such as a surgical procedure or diagnostic test after the inpatient admission.  Conversely, services spanning fewer than 2 midnights and not involving “inpatient-only” services would not receive the benefit of the 2-midnight presumption.  This does not necessarily mean that a 1 or 0 midnight stay automatically would be deemed non-payable under Part A, for there are circumstances such as death, transfer, discharge against medical advice or an unexpected, unanticipated improvement in the beneficiary’s condition that might justify Part A payment for the short stay.

While the 2-midnight rule seems relatively straightforward, stakeholders have raised many good questions concerning how best to comply.  CMS has responded by making available on its website additional guidance.  So far, CMS has instituted two delays in enforcement of the 2-midnight rule, the most recent delay pushing back the enforcement date to March 31, 2014.  CMS has instructed Medicare administrative contractors to conduct “probe reviews” (e.g., 10 medical records per individual hospital) on Medicare Part A inpatient hospital claims spanning less than 2 midnights after formal inpatient admission with dates of admission October 1, 2013 through March 31, 2013.  This probe review will determine each hospital’s compliance with the 2-midnight rule and enable CMS to develop further education and guidance.  During the probe and educate period, CMS expects physicians to make inpatient admission decisions consistent with the 2-midnight benchmark.

10.  Qualified Health Plans Under the ACA: Conflicting Guidance as to Whether Premiums Can Be Subsidized Under a Charity Care Program

In an October 30, 2013 letter from Secretary Kathleen Sebelius of HHS to Representative Jim McDermott of the State of Washington, HHS clarified that it does not consider Qualified Health Plans (“QHPs”) purchased on a federal or state marketplace established under the ACA to be “federal health care programs,” even when the individual purchasing such a QHP qualifies for premium tax credits and cost sharing subsidies.  The letter can be found here.

Because of the premium tax credits/subsidies available to qualifying low-income individuals who obtain QHP insurance coverage, it had been unclear whether HHS would treat QHPs as federal health care programs and, therefore, subject to the AKS. HHS’s clarification that it does not consider QHPs and other marketplace-related programs to be federal health care programs was significant and appeared to address one of the legal obstacles facing providers looking to implement a charity care program designed to provide premium support payments and other assistance to individuals at risk of losing their insurance coverage due to their inability to pay their QHP insurance premiums.

Then, on November 4, 2013, CMS issued a question and answer memo (“Memo”) indicating that it had significant concerns with a third-party’s (e.g., a hospital or other provider) payment of an individual’s QHP insurance premiums “because it could skew the insurance risk pool and create an unlevel field in the [m]arketplaces.”  CMS’s Memo stated that: (i) HHS has broad authority to regulate the federal and state marketplaces (e.g., Section 1321(a) of the Affordable Care Act); and (ii) HHS discourages this practice and encourages issuers to reject such third-party payments and that it intends to monitor this practice and to take appropriate action, if necessary.  As a follow-up to Ms. Sebelius’s letter, the Memo created much confusion in the field.

CMS’s memo did not claim that a provider’s payment, through its charity care program, of an individual’s QHP insurance premium would be illegal or that a QHP insurer’s acceptance of such premium payment would be illegal.  Further, it is not clear what CMS’s legal authority is for discouraging health care providers’ subsidization of QHP insurance premiums or whether CMS’s position is consistent (or inconsistent) with Sebelius’s statement that QHPs are not federal health care programs.  Notwithstanding, CMS’s most recent Memo has caused many in the health care industry to reconsider their ability to provide QHP premium support payments to individuals through their charity care programs.  Stakeholders look forward to additional guidance on these issues.  The CMS memo can be found here.

11.  Fraud and Abuse: False Claims Act/Stark Law Enforcement Actions

The government continued its aggressive fraud and abuse enforcement efforts against health care providers in 2013.  Favorable enforcement actions and provider settlements have encouraged the government’s aggressive pursuit of potential fraud in arrangements with referring physicians, especially under False Claims Act (“FCA”) cases alleging that physician compensation arrangements violated the Stark Law and the AKS.   In particular, activity during 2013 in the following three cases underscores the government’s focus on physician compensation arrangements and the tremendous risk created by Stark Law violations.

Team-Based Compensation Arrangements

In November of 2013, the U.S. District Court for the Middle District of Florida held that the bonus compensation arrangements between a Florida hospital and its employed medical oncologists violated the Stark Law. The Court concluded that the hospital’s bonus pool methodology, which included chemotherapy revenues, did not satisfy the requirements of the Stark Law’s bona fide employment exception. The Court held that the bonus pools took into account the volume or value of the oncologists’ referrals of designated health services (“DHS”).

The hospital argued that because the bonus pool was divided up based on each oncologist’s personally performed services, reliance on the Stark Law’s bona fide employment exception was appropriate.  The Court rejected the hospital’s reasoning.  Although the pool was divided up based on services personally performed, the Court found the pool itself was “based on factors in addition to personally performed services, including revenue from referrals made by the medical oncologists for DHS.”  Although it ruled there was a Stark Law violation, the Court stopped short of awarding summary judgment on damages, in part because it was unable to verify the government’s $27 million damages figure for harm to the Medicare program.  The Court’s ruling leaves these issues to be resolved by the jury trial, which is scheduled for March of 2014.

The Court’s ruling in this qui tam case reaffirms the view that health care entities should be cautious when entering into “team-based” or “pooling” compensation arrangements with referring physicians because they may implicate the Stark Law if the bonus pools are based on revenues derived from DHS.  Pooling arrangements should be carefully structured to ensure that compensation is fair market value and that referrals of DHS are excluded from calculating the compensation pool.

In-Office Ancillary Services Exception

In August, the government intervened in a qui tam case in the U.S. District Court for the Southern District of Alabama.  The government alleges that an Alabama health system and its related clinic entities entered into compensation arrangements with referring physicians that violated the AKS and Stark Law.  The government alleges that from 2005 to 2011 the health system submitted millions of dollars in false claims to the Medicare program for DHS, including clinical laboratory services and diagnostic imaging tests.  Based on the calculations in the original qui tam complaint, prohibited claims resulting from the physicians’ referrals could exceed $521 million.  Accordingly, potential damages under the FCA could exceed $1 billion.

With respect to physician compensation arrangements, the government alleges that the health system compensated physicians based on their referrals of DHS.  The referring physicians received two forms of compensation. The first model based compensation on collections for the physicians’ professional services and is not at issue.  The second model established bonus compensation for each physician at the beginning of the year based on the physician’s DHS collections in the prior year or years.  Any amount from DHS collections left over after the bonus amounts were paid, was distributed equally among physicians as an additional bonus payment.  Although the physician employment agreements referenced a “predetermined formula” for determining the bonuses, the government alleged that there was no actual formula, instead the bonuses correlated to the physicians’ DHS referrals.

It appears from the initial pleadings that the health system intended to fall within the Stark Law’s exception for in-office ancillary services (“IOAS”) furnished by a “group practice.”  In its complaint, the government alleges that the IOAS exception would not apply to the arrangement because the entities involved did not meet several of the IOAS and “group practice” requirements (e.g., single legal entity, joint billing, predetermined distributions of expenses and income, special rules on productivity and profit shares, etc.).  The government alleged that the requirements of the group practice definition were discussed internally by the health system and that the health system’s own legal counsel had determined that the group practice definition was not satisfied.

Similar to the case above, this qui tam case shows that health care entities should be cautious when entering into bonus arrangements with referring physicians because they may implicate the Stark Law.  Bonus arrangements should be examined to ensure they are structured and implemented in a manner that aligns with an applicable Stark Law exception (e.g., the IOAS or employment exception, etc.) to minimize the risk of a Stark Law violation.  This case is only in the initial pleading stage, but, as it proceeds, it may provide the first interpretations of a physician group’s compliance with the IOAS and “group practice” requirements.  This will be particularly interesting because physician groups are typically viewed as having wide latitude for compensating their physicians.

Part-Time Employment Arrangements

In May, following a second trial in the U.S. District Court for the District of South Carolina, a federal jury found that a South Carolina hospital violated the Stark Law and the FCA and imposed a judgment of $237 million against the hospital. The jury held that 19 part-time physician employment arrangements with the hospital’s affiliated medical practice groups violated the Stark Law, which resulted in 21,730 claims being submitted as false claims in violation of the FCA.  The value of the false claims exceeded $39 million.  Following the second trial, the hospital faced potential damages in excess of $357 million.

The government alleged the part-time employment arrangements did not meet a Stark Law exception, thus tainting any Medicare referrals and claims submitted by the hospital for services resulting from the physicians’ referrals. The physicians’ part-time employment was limited to their outpatient procedures at the hospital, and compensation included an annual base salary that fluctuated based on each physician’s net collections from their outpatient procedures.  The physicians were also eligible for productivity and quality bonuses based on their collections.

At issue in the trial was whether the compensation arrangements “took into account” the volume or value of referrals the physicians made to the hospital and, if so, whether the employment agreements met the Stark Law’s indirect compensation exception.  The government presented evidence of a one-to-one relationship between each physician’s aggregate compensation and the volume or value of the physician’s referrals of “facility fee” technical component referrals to the hospital. The government also argued that the arrangement did not meet the requirements of the indirect compensation exception because the physicians’ compensation arrangements exceeded fair market value and were not commercially reasonable.

As noted above, at the conclusion of the second trial in May, the jury found that the hospital violated the Stark Law and the FCA.  Later in September, the judge in the case entered a $237 million judgment against the hospital.  The judgment amount was calculated based on the minimum penalty amount of $5,500 per claim for the 21,730 false claims, plus three times the $39 million in related Medicare billings, for a total in penalties and damages of over $237 million.  The hospital has filed a notice of appeal to the 4^th Circuit Court and has requested a stay of the order for damages pending the appeal.

This case provides an example of the significant risk associated with Stark and FCA litigation, and the significant exposure associated with taking a Stark Law case to trial, even if the government does not assess all of the penalties available under the FCA.  The case also shows that a court may not always construe the law in a manner consistent with the positions taken by CMS and that when Stark Law cases are tried by a jury, the results cannot always be predicted with confidence.

12.  Single Payment Level for Outpatient Clinic Visits

On November 27, 2013, CMS issued the 2014 outpatient prospective payment system and ambulatory surgical center final rule (“2014 OPPS Final Rule”) in which CMS finalized a policy that will eliminate the existing five levels of hospital outpatient clinic visit codes for both new and established patients and replace them with a new HCPCS code (G0463) that will represent a single level of payment for all hospital outpatient clinic visits.

The new HCPCS code will apply to all outpatient clinic visits (except emergency room visits) paid under the OPPS regardless of the level of effort and regardless of whether the patient is a new or established patient.  Effective January 1, 2014, CMS will no longer recognize CPT codes 99201 through 99205 (new patient clinic visits) and 99211 through 99215 (established patient clinic visits) under the OPPS.

CMS believes HCPCS code G0463 will reduce administrative burden by eliminating the need for hospitals to develop and apply their own internal guidelines to differentiate between levels of clinic visits.  It also is consistent with CMS’s goal of using large payment bundles to incentivize hospitals to provide care in more efficient manners.   Notably, CMS did not finalize its proposal to replace the current five levels of codes for emergency department visits but is considering options to improve codes for these services in future rulemaking.

CMS dismissed the hospitals’ concerns that the new consolidated outpatient clinic visit code will not adequately reimburse providers that serve patients with a more complex case-mix and that hospitals will lose the ability to track patient acuity for clinic visits.

CMS did not make this same change for services paid under the physician fee schedule, so physician services will continue to be coded and paid based on the five evaluation and management levels for new and established patients.

13. The Drug Quality and Security Act Addresses Compounding Facility Safety

On November 27, 2013, President Obama signed the Drug Quality and Security Act (“Act”) into law. Support for the Act, a product of bipartisan efforts by leaders from the Senate and House committees overseeing health policy, finally reached critical mass after a deadly fungal meningitis outbreak related to potentially adulterated drugs occurred last year.  Given the increase in compounding activity in recent years in response to various drug shortages, this legislation will have far-reaching implications.  The Act is broken into two parts: the Compounding Quality Act and the Drug Supply Chain Security Act.  The Act can be found third-party-qa-11-04-2013 (1) here.

At a high level, the Act is designed to: (i) clarify the FDA’s oversight responsibilities for both small- and large-volume compounders; (ii) require higher quality standards for these same facilities, in particular for large-volume compounders; and (iii) require additional standardized tracking and licensure standards for the drug distribution chain. These goals are facilitated through a variety of mechanisms, including the removal of certain Federal Food, Drug and Cosmetic Act (“FDCA”) compounding provisions that some federal courts had deemed unenforceable.

With respect to compounding, the Compounding Quality Act establishes the concept of an “Outsourcing Facility,” which will likely include facilities that provide higher-volume compounding services. Facilities that elect to register annually as Outsourcing Facilities, and that comply with the requirements of the Act, are exempted from new “track and trace” provisions contained in the Drug Supply Chain Security Act (discussed below). Outsourcing Facilities would also be exempt from adequate directions for use provisions and new drug provisions under the FDCA with respect to drugs compounded at the facility by or under the direct supervision of a licensed pharmacist and in compliance with the standards applicable to Outsourcing Facilities under the Act.

With respect to general drug supply chain security, the Drug Supply Chain Security Act implements new tracking provisions that become functionally effective on January 1, 2015. The Drug Supply Chain Security Act is intended to create a national standard for drug supply chain security for non-Outsourcing Facilities, wholesale distributors and other drug supply chain stakeholders by establishing requirements for tracing a product through the distribution system (i.e., from manufacturing through dispensing).  It also establishes standards for federal licensure of wholesale distributors and third-party logistics providers. State and local requirements related to the tracing of products through the distribution system or licensure of wholesale distributors and third-party logistics providers are preempted.

Many provisions of the law are to be implemented through future regulatory and subregulatory guidance from the Secretary of HHS.  Indeed, the FDA has already made available the first related implementation guidance.  Specifically, it has published draft guidance designed to assist human drug compounders to register as outsourcing facilities with the FDA.  The draft guidance provides information on how an outsourcing facility should submit facility registration information electronically.

Happy (Health Law) New Year from the health law attorneys of Hall Render!  If you would like more information about any of these topics, please contact Eric Birdzell at 317.977.1558 or hallrender@hallrender.com to be put in touch with a Hall Render health law attorney.

Please visit the Hall Render Blog at http://blogs.hallrender.com/ for more information on topics related to health care law.