As highlighted on our Health Industry Washington Watch blog, Reed Smith hosted a dynamic conference on post-acute care in Washington, D.C. in early April. Entitled "Reed Smith 2014 Washington Health Care Conference: Focus on Post-Acute Care," the conference brought together a panel of experts discussing episodic care, proposed bundling models, and alternative payment and delivery systems; a specialist in health care investment banking addressing the current climate and future outlook for post-acute investments and transactions; and a legal policy analyst providing a thorough overview of recent legislative action related to post-acute care. The conference concluded with a thought-provoking keynote speech from Dr. Norman Ornstein, Resident Scholar at the American Enterprise Institute, about the politically polarizing nature of health care policy in the United States today. To read the entire post, click here.
The Reed Smith Life Sciences Legal Update blog has been updated to reflect a variety of recent developments of interest, including:
- A Comparison of the French and U.S. Sunshine Acts. To help global manufacturers navigate the complex new reporting and disclosure requirements under the French and U.S. Sunshine Acts, Reed Smith Partners Elizabeth Carder-Thompson and Daniel Kadar created an at-a-glance summary chart comparing and contrasting the reporting requirements and how each act differs in its attempt to create transparency for patients when they are making decisions regarding their medical treatment.
- Increased Government Regulation on Cosmetic Procedures in the UK. In response to an April 2013 independent review concerning the regulation of cosmetic interventions, the UK government released a response report in February 2014 detailing significant changes to improve the quality of care and information available to patients when undergoing cosmetic procedures. Authors John Wilkinson, Nicola Maguire, Adam Lewington and Daryl Cue review in detail the proposed regulatory changes.
- OCR Announces HIPAA Enforcement Settlement Against County Government. On March 7, 2014, the HHS Office for Civil Rights announced its first settlement and corrective action plan with a county government. Skagit County in northwest Washington State has agreed to pay $215,000 to settle potential violations of the HIPAA Privacy, Security and Breach Notification Rules. Authors Brad Rostolsky, Nan Bonifant and Jen Pike discuss this case and what local and county governments need to be aware of in order to comply with HIPAA regulations.
County Governments Not Immune From HIPAA Enforcement: OCR Announces $215,000 Settlement with Skagit County, Washington
On March 7, 2014, the HHS Office for Civil Rights (“OCR”) announced its first settlement and corrective action plan with a county government. Skagit County in northwest Washington State has agreed to pay $215,000 to settle potential violations of the HIPAA Privacy, Security and Breach Notification Rules.
According to Susan McAndrew, deputy director of health information privacy at OCR, “this case marks the first settlement with a county government and sends a strong message about the importance of HIPAA compliance to local and county governments, regardless of size.” Generally, local and county governments are subject to HIPAA because certain departments within the government are involved in the provision of or payment for health care services. The Skagit County Public Health Department provides essential services to many individuals who would otherwise not be able to afford health care. Importantly, a single legal entity whose business activities include both HIPAA covered and non-covered services (like a county government) may designate itself as a “hybrid entity” by identifying its “health care components.” This designation, however, must be formally documented in the entity’s policies and procedures. Most of the requirements of the Privacy, Security and Breach Notification Rules apply only to the hybrid entity’s health care components.
OCR began investigating Skagit County following a breach self-report notifying OCR that the electronic protected health information (“ePHI”) of seven individuals receiving services from the Skagit County Public Health Department was posted on a publicly available server maintained by the county and accessed by unknown parties. The investigation revealed that the ePHI of not just seven – but 1,581 – individuals, was made available on the public server. The ePHI, which could be accessed through a simple Google search, included highly sensitive information, such as the testing and treatment of infectious diseases. OCR’s investigation further revealed Skagit County’s general and widespread non-compliance with the HIPAA Privacy, Security and Breach Notification Rules, including the implementation of sufficient policies and procedures.
In addition to the $215,000 settlement, the Resolution Agreement between Skagit County and OCR included a corrective action plan (“CAP”) that requires Skagit County to, among other things, (1) provide substitute breach notification to affected individuals not previously notified; (2) create and revise written policies and procedures to comply with HIPAA; and (3) submit for OCR’s review and approval hybrid entity documents designating the county’s covered health care components. The CAP also requires Skagit County to provide regular status updates to OCR, which will work closely with the county to correct deficiencies.
While OCR marks this settlement as the first with a county government, it is not the first for a public entity. In June 2012, the Alaska Department of Health and Social Services agreed to pay $1.7 million to settle possible violations of the Security Rule. Notably, both of these enforcement actions, and most actions since 2012, have resulted from a breach self-report used by OCR as an opportunity to conduct a de-facto audit of the entity’s general HIPAA compliance. Whether this enforcement trend will continue will likely depend upon the scope (and perhaps more importantly, the funding), of OCR’s second round of statutorily required audits of covered entities and business associates. Regardless, given the environment of increased OCR enforcement, regulated entities should ensure, at a minimum, that they have implemented the basic elements of HIPAA compliance—performance of a Security Rule risk analysis, implementation of sufficient policies and procedures (including documentation of any hybrid entity designation), and adequate training of workforce members.
Additional information about OCR’s enforcement activities can be found at http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/index.html.
In April 2013, an independent review of the regulation of cosmetic interventions in the UK was published, highlighting an insufficient amount of regulation in this industry by the UK government, due in part to the rapid growth of cosmetic procedures in the United Kingdom. Cases such as unauthorized (and potentially defective) materials being used in procedures has forced the UK government to acknowledge that the level of regulation of cosmetic procedures must increase. The UK government responded to this review in February 2014 by unveiling a set of actions that will be taken to address the current dearth of cosmetic regulation and legislation, and ensure that the quality of care is improved. Among these actions are the introduction of a code of conduct, an ombudsman, and accredited qualification of practitioners. Some of these actions have already been initiated.
This past year both the U.S. and France enacted substantial new reporting and disclosure requirements under their respective Sunshine Acts, which were designed to increase the transparency of the financial relationships between manufacturers and health care professionals and to allow patients to make more informed decisions regarding their health treatments. The U.S. and French Sunshine Acts are not identical, however, as indicated in this alert written by Reed Smith lawyers Elizabeth Carder-Thompson and Daniel Kadar. Their side-by-side review illustrates that the scope and focus of transparency differs between the U.S. and France. This alert includes a summary chart comparing and contrasting the differences in Sunshine Act reporting requirements in a number of areas including effective dates, who must report, what information must be reported, payment thresholds and categories of payments that must be reported as well as those that can be excluded. This information is especially relevant to global manufacturers working to comply with these provisions.
A copy of the full alert and comparison chart is available here.
Manufacturer, Group Payment Organization, and Physician Financial Information Slated For Disclosure, May Spur False Claims Act Activity
As mentioned on our Health Industry Washington Watch blog, pharmaceutical and medical device manufacturers and group purchasing organizations (GPO) are currently in the process of submitting detailed 2013 payment and investment interest data to the Centers for Medicare & Medicaid Services. The submission of this data, as dictated by the Physician Payment Sunshine Act, is intended to highlight certain financial relationships between the manufacturers and GPOs and physicians. With some exceptions, this data will become public by September 1, 2014, at which time the Department of Health and Human Services’ Office of the Inspector General, Department of Justice, and relators’ attorneys will likely analyze the data to initiate investigations and support complaints under the federal False Claims Act. To read the entire post, click here.
Reed Smith to Host April 4, 2014 Washington Health Care Conference on Post-Acute Care - Eight Days Left to Register
On April 4th, 2014, Reed Smith will host its inaugural Washington Health Care Conference at The Mayflower Renaissance Hotel in Washington, D.C. With a keynote from Dr. Norman Ornstein, this year’s conference will focus on post-acute care, bringing together leading industry professionals for a discussion on several important issues, including:
Governing in Polarized America: The Prospects for Policy in 2014 and Beyond (Keynote)
- Dr. Norman Ornstein, Resident Scholar, American Enterprise Institute, and weekly columnist for National Journal and The Atlantic
Policy discussion on episodic care, bundling models, and alternative payment and delivery systems
- Mike Cheek, Vice President for Medicaid and Long Term Care Policy, American Health Care Association
- Judy Feder, Professor, Georgetown University McCourt School of Public Policy, and Urban Institute Fellow
- Dr. Barbara Gage, Fellow, Managing Director, Engelberg Center for Health Care Reform, Brookings Institution
- Dr. Vincent Mor, Ph.D., Florence Pirce Grant Professor of Community Health, Public Health Program, Brown University School of Medicine
Wall Street perspective: the current appetite for deals
- Jay Barnes, Senior Vice President, Healthcare Investment Banking, Jefferies LLC
Hill briefing on Medicare legislation
- Cate McCanless, Senior Policy Advisor, Brownstein Hyatt Farber Schreck
Limited seating is still available for this complimentary program. If you are interested in registering, please email Lindsay Korenich at email@example.com. For more information about this conference, click here.
FDA Draft Guidance Encourages Companies to Study Drugs for Treatment of CFS and ME and Provides Roadmap to Approval for this Indication
This post was written by Lindsey R. Harteis.
Citing the fact that there is no FDA-approved treatment for Chronic Fatigue Syndrome/Myalgic Encephalomyelitis (CFS/ME), the FDA recently released draft guidance to expedite the development and review of drugs to address this “unmet medical need.” The guidance will not become finalized until after its notice/comment period ends on May 12, 2014. Though non-binding, it provides a roadmap for drug manufacturers to craft and conduct studies that are more likely to succeed in satisfying the FDA clearance requirements that there be “substantial evidence” of the efficacy of the product and an acceptable risk/benefit profile.
The guidance addresses the following: selection and evaluation of efficacy endpoints; preferential domains to study; suggested methods for assessing each of these domains (if known); how to account for concomitant treatment and management of CFS/ME symptoms in study participants; safety considerations; recommendations for study protocol and design; and advice for testing combination drug products. The FDA expresses a clear interest in studying the following efficacy domains: symptoms; exercise capacity and post-exertional malaise; and health-related quality of life. It also suggests that “support from two definitive trials should [be sufficient to] establish efficacy for a drug product being developed to provide symptom relief for CFS/ME.” (There is no requirement that the two studies be identical.) Finally, studies should generally be placebo-controlled, double-blinded, randomized and parallel group studies. Of note, the guidance suggests that at least until there is one FDA-approved treatment for CFS/ME, study sponsors will be permitted to use placebo groups in trials.
The guidance also recommends sponsors discuss some specific aspects of study design and protocol with the FDA early in the process of developing the drug or studies about an existing drug.
We want to alert life sciences and health care entities to a recent decision out of the U.S. District Court for the District of Columbia.
- U.S. District Court for the District of Columbia holds documents related to internal investigations of possible violations of corporate code of conduct not protected from disclosure under either attorney-client privilege or attorney work product doctrine
- Ruling serves as timely reminder for companies in a wide variety of industries to review internal procedures relating to internal corporate compliance program or code of conduct investigations to maximize the likelihood that appropriate privileges will be honored
On March 6, 2014, the U.S. District Court for the District of Columbia granted a qui tam relator’s motion to compel the production of documents relating to the defendant Kellogg Brown & Root Services, Inc.’s (KBR’s) “Code of Business Conduct (COBC) investigations,” holding such documents were not protected from disclosure under either the attorney-client privilege (ACP) or the attorney work product doctrine (AWP). The court concluded that the company’s investigations were conducted pursuant to “regulatory law and corporate policy,” rather than for the purpose of obtaining legal advice. Accordingly, KBR was ordered to produce some 89 documents that it previously claimed as privileged under the ACP and/or AWP. U.S. ex rel Barko v. Halliburton Company, No. 1:05-CV-1276 (D.D.C., March 6, 2014). The court’s broader statements could have significant implications for companies in regulated industries where corporate compliance programs are commonplace, or even required.
In only the second Untitled Letter of the year, FDA’s Office of Prescription Drug Promotion warned a Swiss drug company about statements the company made on its Facebook page. Notably, FDA became aware of the company’s Facebook promotion through its own monitoring and surveillance program.
The alleged violations themselves were straightforward and similar to more traditional advertising actions: failure to include risk information and omission of material facts. What makes this letter interesting is that the activity occurred on a social network. On its Facebook page, the company suggested consumers talk to their doctor if they have been diagnosed with the condition for which the drug at issue is indicated. Nowhere on the page did the company warn consumers about the risks associated with the product – risks serious enough to require a boxed warning on the label. Neither did the company include any discussion about limitations of the drug’s use. FDA requested the company immediately cease this promotional activity – and the company has complied. The Facebook page at issue is no longer active.
The takeaway here is to remember that FDA’s advertising and promotion rules apply regardless of how or where you promote your product. You must assume that all activity on social media networks, including Facebook and others, will be scrutinized by the FDA.
Reed Smith Partner Larry Sher authored a post on the Drug and Device Law Blog about a recent decision in which the U.S. Court of Appeals for the Fourth Circuit affirmed the dismissal of a False Claims Act (“FCA”) case brought against Omnicare, United States ex rel. Rostholder v. Omnicare, Inc., No. 12-2431, 2014 WL 661351 (4th Cir. Feb. 21, 2014). Rostholder is significant for the pharmaceutical industry and FCA jurisprudence because it shows that the court of appeals will carefully review statutes and regulations when relators attempt to use violations to make out an FCA claim, and will prevent efforts such as Rostholder’s to turn regulatory violations into FCA violations.
Click here to read the Reed Smith client alert about the same decision.
There are HOW many calories in that? FDA Proposes First Overhaul to Food Label in 20 Years - Comment Opportunity
Today FDA announced long-awaited changes to the iconic Nutrition Facts label for foods. According to FDA, the goal of the proposed changes is not to tell consumers what they should or should not be eating, but to expand and highlight the information consumers need most to make a well-informed food choice.
Calories and Serving Size
The most notable changes involve the display. The proposed label emphasizes through font size and bold type the number of calories per serving size and the number of servings per container. In order to better capture how average Americans eat, FDA is also proposing changes to how serving sizes themselves are calculated. Gone will be the days where a pint of ice cream is four serving sizes; now FDA says it is two. FDA stresses that these proposed changes are based on current scientific thinking in the area of nutrition science and based on the most recent public health and nutrition surveys. The current nutrition Facts Panel, which has been in use for 20 years, relied on consumer consumption data from the 70s and 80s. American eating patterns have changed and FDA hopes these new labels will better reflect current consumption patterns.
Another major change involves how the Nutrition Facts panel displays the amount of sugar contained in a food. The current label lists just “Sugars” which can refer to both naturally occurring and sugars added during the production process, the propose label requires “Added Sugars” to be a separately listed category which would include only those sugars added to the food during production.
Nutrient Content and % Daily Value Calculations
Other changes include updates for to how to calculate the Percent Daily Value for nutrients such as fiber and calcium, requirements to list nutrients such as Potassium and Vitamin D, and no longer requiring the label to include Vitamins A and C.
From a public health standpoint, the proposed changes raise three important and related questions:
- Will consumers read and understand the new information provided on the Nutrition Facts panel?
- Will the updated and highlighted information lead consumers to make better food choices?
- Will those better food choices lead to better health outcomes?
The new Nutrition Facts panel has implications in the advertising world as well. Claims about nutrition content of foods are based on what the manufacturer is permitted to say in the Nutrition Facts panel. Changes to the panel necessarily mean changes to how food companies are permitted to advertise their products. We will certainly see a new wave of advertisers capitalize on foods with “No Added Sugars” but what other patterns should we expect?
The proposed rules are available here: Revision to the Nutrition and Supplement Facts Labels; and Serving Sizes of Foods That Can Reasonably Be Consumed At One-Eating Occasion, et. al
FDA will be accepting comments for 90 days.
As mentioned on our Health Industry Washington Watch blog, the Food and Drug Administration (FDA) has announced that it will hold a public hearing on March 25 and 26, 2014 to receive input on the current processes for reviewing over-the-counter (OTC) drugs. In the announcement, the FDA concedes that the current OTC drug review “needs a critical examination at this juncture to examine whether and how to modernize its processes and regulatory framework.” This hearing will be a major step in FDA’s long-standing plan to overhaul the OTC drug system. To read the entire post, click here.
EU Research Group Condemns EU Regulation for Restricting Growth in Life Sciences Sector; NHS Advocates Selling Confidential Patient Data For Secondary Purposes
Reed Smith’s Global Regulatory Enforcement Law blog features two posts of interest to those in the life sciences industry, both written by Reed Smith partner Cynthia O’Donoghue. “EU Research Group Condemns EU Regulation for Restricting Growth in Life Sciences Sector” discusses the opposition of a lobbying group, led by the Wellcome Trust, to amendments to the proposed General Data Protection Regulation – amendments that they believe could severely inhibit future growth of the life sciences sector in the European Union. “NHS Advocates Selling Confidential Patient Data For Secondary Purposes” discusses the criticism of the UK’s Health and Social Care Information Centre and NHS England’s new initiative known as ‘care.data,' which involves the extraction, anonymization, and aggregation of patient data from GP practices in a central database for sale to third parties such as drug and insurance companies.
New UK Pharmaceutical Packaging Warnings: Lucy in the Sky with Directions for Marketing Authorisation Holders
The UK Medicines and Healthcare Products Regulatory Agency has directed Marketing Authorisation Holders (MAHs) for medicines containing specified controlled drugs to update their Summary of Product Characteristics, patient information leaflets, and product labeling. These new warnings are designed to make it easier for the government to enforce a new law prohibiting driving under the influence of drugs, to take effect later this year. For more information, read the full alert written by Reed Smith lawyers John Wilkinson, Nicola Maguire and Adam Lewington.