Fraud stemming from the COVID-19 pandemic continues to be a criminal enforcement priority for the US Department of Justice (DOJ). On April 20, DOJ announced a new round of criminal charges against 21 defendants that stem from over $149 million in allegedly fraudulent billing to federal healthcare programs and pandemic assistance programs. The new cases raise DOJ’s total COVID-19-related enforcement stats to 35 defendants and over $290 million in fraudulent billing across 16 federal districts.

Perhaps signaling the increasing likelihood of a permanent telehealth solution for the Medicare program, the Office of Inspector General for the US Department of Health and Human Services (OIG) has established a “Featured Topics” resource page on its website dedicated to telehealth and OIG’s work in evaluating telehealth policies. This telehealth resource page serves as a compendium for all the reports OIG has completed or plans to undertake related to telehealth and virtual care technologies, including several audits and evaluations currently on OIG's 2022 work plan. In addition, the resource page provides a helpful overview of the manner in which telehealth fits into the larger Medicare regulatory framework.

Last month, we had an engaging Fast Break session covering the growing importance of risk adjustment in various health insurance programs and novel government theories of liability associated with risk adjustment reporting. Morgan Lewis associates Tesch Leigh West and Michelle M. Arra described the fundamental processes regarding risk adjustment and highlighted recent audit and enforcement trends in this area.

A federal judge in Texas held on February 23 that the federal government’s interim final rule implementing the independent dispute resolution (IDR) process established by the No Surprises Act conflicted with the plain language of the statute and that the agencies improperly bypassed notice and comment rulemaking when promulgating the rule.

On February 9, 2022, US Senators Bill Cassidy, M.D. (R-LA) and Tammy Baldwin (D-WI) introduced bipartisan legislation designed to modernize health privacy laws, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and account for emerging healthcare technologies not addressed by existing law.

As its name suggests, the No Surprises Act establishes patient protection against most surprise medical bills from out-of-network, emergency service, and air ambulance providers. Two of the major provisions affecting providers—the good-faith estimate and balance billing requirements—became effective as of January 1, 2022.

The new Civil Cyber-Fraud Initiative of the US Department of Justice’s use of the punitive False Claims Act (FCA) and its whistleblower provisions has some important legal and risk management considerations for the health industry. Because enforcement will initially occur largely through civil investigations applying the FCA in the broadest possible way, healthcare organizations should undertake a priority assessment of their cybersecurity status to ensure that their practices can withstand hacks, whistleblowers, and government scrutiny.

The HHS Office of Inspector General (OIG) recently announced its Office of Audit Services plans to conduct a nationwide review of hospice eligibility, focusing on those Medicare hospice beneficiaries who haven't had an inpatient hospital stay or an ER visit in certain periods prior to their start of hospice care.  

Last month, we had an engaging Fast Break session covering compliance topics regarding healthcare professionals’ relationships with pharmaceutical and medical device manufacturers. We were joined by Terrence Burek, senior counsel, neurology & immunology at EMD Serono, and Morgan Lewis partner Scott Memmott, who highlighted specific compliance risk areas for healthcare professionals (HCPs), as well as permissible interactions with pharmaceutical and medical device manufacturers and contracting/risk mitigation best practices.

Biometrics are physical or behavioral human characteristics that can be used to digitally identify a person to grant access to systems, devices, or data. Examples of biometric identifiers are fingerprints, facial geometry scans, and voice prints, as each are considered unique to the individual. Unlike a Social Security number, a person’s biometric data generally cannot be altered.