DHHS’s Regulatory Sprint to Coordinated Care Gains Traction in Changes to the AKS, Stark, and CMP Laws
On October 9, 2019, the Federal Department of Health and Human Services (“HHS”) issued two separate Proposed Rules under the Regulatory Sprint to Coordinated Care ("RSCC"), an initiative first announced in April 2018 and led by Deputy Secretary Hargan, in an effort to overhaul the regulatory burdens imposed upon healthcare providers and beneficiaries while maintaining strong safeguards to protect patients and federal healthcare programs from fraud and abuse. Public comments to both Proposed Rules are due no later than December 31, 2019.
The First Proposed Rule pertains to two statutes that are enforced under the authority of the HHS Office of Inspector General (“OIG”)—the Anti-kickback Statute (“AKS”) and the Beneficiary Inducements Civil Monetary Penalty Law (“CMP Law”). The Proposed Rule would add and/or amend Safe Harbors under the AKS regarding cybersecurity technology, HER arrangements, warranties, local transportation, and person services and management contracts. The Proposed Rule also creates a new exception under the CMP law to allow practitioners to offer their patients receiving in-home dialysis certain telehealth technologies. In each case, the exceptions are designed to further the quality of care received by the patients in light of today’s advancements in healthcare technology.
- NEW: Value-Based Compensation Arrangements. Under the Proposed Rules, exceptions are provided to allow providers to work collaboratively on innovative value-based arrangements without fear of prosecution regarding activities that seek to coordinate and improve quality of care to all patients, subject to the safeguard woven into the exceptions. An exclusion proposed to the new Value-Based Enterprises (VBE) concept is for pharmacies to be excluded from these arrangements.
- NEW: Donations of Cybersecurity Technology. Under this Proposed Rule, donations of cybersecurity technology and related services would be protected “non-monetary remuneration” if five (5) conditions are met, which include limiting the technology to that which is both needed and predominantly used to implement and maintain effective cybersecurity, and to services related to implementing and maintaining effective cybersecurity, such as risk assessment or analysis, vulnerability/penetration testing and cybersecurity services related to business continuity and data recovery services. In an effort to further reduce concerns about the potential for abuse, CMS is considering a deeming provision for the donor and recipient to demonstrate the need and limited use for the technology donation to comply with a widely recognized cybersecurity framework or set of standards. As with other Safe Harbors, another criterion is that the donor cannot directly take into account the value or volume of referrals or other business between the parties when determining the eligibility of a potential recipient and the recipient cannot demand such technology and services as a condition of continued business with the donor. Notably, the technology donation may also be available to patients, albeit in much narrower scope (i.e., anti-virus tools). As with other Safe Harbors, the technology donation must be in writing between the parties. Finally, any costs associated with the donation cannot be shifted to the federal government (i.e., a donor hospital cannot include the costs as an administrative expense in its cost report). CMS is also considering an alternative condition related to donations of cybersecurity hardware, which is based predominantly on the donor and recipient’s risk analyses.
- REVISED: Electronic Health Records Safe Harbor & Exception [42 CFR 1001.952(Y)]. The Proposed Rule seeks to modify the existing EHR Exceptions regarding two related conditions: “Deeming” and “Interoperability.” The proposed change in the language of the “deeming” condition clarifies that any donated software “is” (as opposed to “has been”) certified by a certifying board at the time of the donation. Further, CMS proposes a modified definition of “interoperable” to further identify conduct that does not implicate the prohibition of “information blocking.”
- REVISED: Personal Services and Management Contracts Safe Harbor [42 CFR 1001.952(d)]. Under the Proposed Rule this Safe Harbor will undergo a number of changes, including: (i) substituting the requirement that aggregate compensation under these agreements be set in advance to a requirement that the methodology for determining compensation be set in advance; (ii) eliminating the requirement to specify the schedule, length and charges in contracts for part-time/periodic/sporadic services; and (iii) create a new provision that protects certain outcomes-based payments between a principle and agent for achieving or maintaining certain health outcome measures that effectively and efficiently coordinate care across care settings, subject to various conditions that are similar to those found already in the existing Safe Harbor. While the principle-agent relationship applies to hospitals and physicians, this exception expressly excludes outcomes-based payments involving pharmaceutical manufacturers, DMEPOS suppliers, manufacturers and distributors, and laboratories.
- REVISED: Warranties Safe Harbor [42 CFR 1001.952(g)]. HHS proposes to amend this current Safe Harbor to protect warranties for “bundled” items and related services if certain conditions are met, excluding beneficiaries from the reporting requirements applicable to buyers; and explicitly defining “warranty” and not by reference to 15 U.S.C. § 2301(6).
The Second Proposed Rule, which was issued in furtherance of the RSCC and CMS’s own Patients Over Paperwork Initiative, seeks to modify the Physician Self-Referral Law (aka, the “Stark Law”) by adding new exceptions to the prohibition on physician relationships with healthcare entities. The Proposed Rules create new exceptions and modify existing ones to facilitate greater patient care and reduced administrative burdens.
We will be following up this Alert with a separate alert on the proposed Stark regulation changes. Please look for this Stark Alert in your inbox within the next week.
 On August 27, 2018, HHS issued a second Request for Information for public commentary on the OIG’s Rules pertaining to the AKS and CMP Laws, for which it received 395 Comments at its closing date of October 26, 2018. See: https://www.regulations.gov/docketBrowser?rpp=50&so=DESC&sb=postedDate&po=0&dct=PS&D=HHSIG-2018-0002.
 This exception is set forth in 42 CFR§ 1001.952(jj).
 On June 25, 2018, HHS issued a Request for Information from the public regarding any “undue regulatory impact and burden” of the Stark law and the Center for Medicare & Medicaid Services (“CMS”) regulations thereunder (“Stark RFI”). The comment period closed on August 24, 2018. More than 390 submissions were received in response to the Stark RFI. See: https://www.regulations.gov/docketBrowser?rpp=50&so=DESC&sb=postedDate&po=0&dct=PS&D=CMS-2018-0082.
Debra Geroux, CHC, CHPC
Robert H. Schwartz
Mark R. Lezotte