The expansion of telehealth is changing the landscape of health care. This is the third in a four-part series exploring what providers should know about this growing area.

Medicaid programs pay for telemedicine, telehealth and telemonitoring services delivered through a range of interactive video, audio or data transmission (telecommunications). Various state Medicaid programs are experiencing a significant increase in claims for these services and expect this trend to continue.

Telehealth providers participating in the Medicaid program for telehealth services should take note of the project announced at the end of 2017 that was started to review state Medicaid payments for telemedicine and other remote services.

The Medicaid Services Delivered Using Telecommunication Systems project was initiated by the Office of Inspector General (OIG) and included in the OIG’s November 2017 Work Plan update. The OIG notes the “significant increase in [Medicaid] claims” for telehealth, telemedicine and telemonitoring services” and indicates that the OIG expects that to continue.

Compliance with the Medicaid requirements that apply to telehealth differs from state to state. The coverage, coding and documentation rules are not necessarily easy to find. Most telehealth requirements are found in policy manuals and transmittals rather than in regulations. Medicaid providers should also continue to monitor the OIG’s Medicaid Services Delivered Using Telecommunication Systems for any updates and reports that can serve to provide guidance for the provision of telehealth to Medicaid patients. The OIG is expected to issue a report on the Medicaid Services Delivered Using Telecommunication Systems project in 2019, providing further guidance on Medicaid requirements and reimbursement for telehealth providers.  

Next in our telehealth series: Telehealth Models and Provider Arrangements. Read the previous installments here and here.

Many hospitals share space with other health care entities. Despite this, the Centers for Medicare & Medicaid Services (CMS) has given mixed signals — and never issued formal guidance — concerning the permissibility of shared spaces under the Medicare Conditions of Participation (CoP). This has created great confusion and uncertainty for hospitals as they try to meet the challenges of a rapidly changing health care system.

That’s all about to change!

On May 3, 2019, CMS issued draft guidance for hospitals that “co-locate.” According to CMS, co-location occurs when “two hospitals or a hospital and another healthcare entity are located on the same campus or in the same building and share spaces, staff, or services.” Under prior informal guidance, CMS prohibited co-location between a hospital and a non-hospital, but CMS seems to have had a change of heart (we hope!).

As described below, CMS’s proposed guidance generally approves of co-location, although with some limitations. The guidance is broken down into three categories: shared spaces, contracted services (including staffing), and emergency services.

CMS will accept comments on the proposed guidance until July 2, 2019.

Shared spaces

Here, CMS distinguishes between clinical and non-clinical spaces. First, CMS believes that the sharing of clinical spaces poses a safety risk to patients, due to infection control, patient management, the patient’s right to privacy, and the confidentiality of medical records.

As a result, CMS appears unwilling to approve of shared clinical spaces at this time. Examples of clinical spaces provided by CMS include outpatient clinics, laboratories, pharmacies, imaging services, operating rooms, post-anesthesia care units, and emergency departments.

This prohibition includes any “paths” between entities that go through a clinical space. For example, it is not permissible if a patient accesses a co-located entity by traveling through a hospital’s clinical department. In contrast, a public path of travel — such as a main corridor with distinct entrances to different departments, with signs that identify which entity operates which department — is permissible.

Second, non-clinical public spaces — such as lobbies, waiting rooms, restrooms, staff lounges, elevators, and main corridors — may be shared by the co-located entities. However, a shared waiting room and reception area must have separate check-in areas and signs that identify which check-in area is used by which entity. CMS also notes that some types of areas pose specific risks if they are shared. For example, if the same area is used by both entities for admissions and medical records, it could “potentially pose a risk to patient privacy as an unauthorized person could have access to patient records without consent.”

Importantly, “any non-compliance found in [a shared] space could be considered non-compliance for both entities.” The entity that is not being surveyed may be reported to the State Survey Agency or CMS for further review.

When surveying a hospital, CMS will instruct the appropriate State Survey Agency to review a hospital’s floor plan to ensure compliance with the shared space requirements. The spaces within the hospital must be correctly identified as belonging to one or the other entity, or to both, to help stave off any further investigation by the surveyor.

Contracted services

CMS generally approves of providing services under a contract or other arrangement with a co-located entity. Examples of services include laboratory, dietary, food preparation and delivery, pharmacy, maintenance, housekeeping, fire detection and suppression, and security services. CMS does not identify any specific services that could not be provided under a contact with a co-located entity.

However, there are special concerns for staffing contracts. Generally, to comply with hospital staffing requirements, staff may not simultaneously provide services to both entities or “float” between them during the same “shift.” For example, a nurse may not perform services at one hospital while at the same time being “on call” with respect to a co-located hospital. In contrast to general staff, a member of the medical staff (i.e., a physician) who is privileged and credentialed at each hospital may float between them, except when providing certain emergency services (see below). CMS has stated that surveyors will review staffing schedules to ensure compliance with these requirements.

All shared staff must also, with respect to each co-located entity: (1) be trained in the entity’s relevant policies and procedures; (2) receive adequate oversight and periodic evaluation; (3) adhere to quality and performance improvement standards; and (4) be accountable to clinical practice requirements.

When surveying a hospital, in addition to the floor plan, CMS will request a list of all services the hospital has contracted with a co-located entity to provide. Hospitals should be diligent about creating and maintaining such a list.

Finally, CMS notes that a hospital “is not necessarily required to notify its patients and their representative[s] of all services provided under a contract or arrangement,” so long as such services are provided under the oversight of the hospital’s governing body.

Emergency services

CMS notes that hospitals without emergency departments must have in place “appropriate policies and procedures” to address emergencies 24/7. These policies and procedures include: identifying when a patient is in distress; how to initiate an emergency response; how to initiate treatment; and recognizing when the patient must be transferred to another facility for treatment.

A hospital without an ER may contract with a co-located entity for staff who will perform the appraisal and initial treatment in emergency situations, so long as such contracted staff are working solely for the hospital at the time and are immediately available in the event of an emergency. The contracted staff may not be simultaneously working at the co-located entity or any other entity. There may be circumstances where a patient requires an appropriate transfer to the other co-located entity for further care, which would be permissible.

In contrast, if a hospital without an ER contracts with a co-located hospital’s emergency department to provide “emergency services” (as opposed to simply using contracted staff to perform the appraisal and initial treatment), the hospital without the ER is “considered to provide emergency services and must meet the requirements of [the Emergency Medical Treatment & Labor Act (EMTALA)].” However, the proposed guidance is not clear on when exactly EMTALA obligations will be triggered based on the nature of the contracted services provided by the co-located entity.

Co-located hospitals will need to carefully consider what arrangement will work best for providing emergency services.

Lingering questions

CMS’s proposed guidance leaves several key terms undefined. For example:

• It is not clear what types of “health care entities” hospitals may co-locate with and what types of entities a hospital may not co-locate with. Relationships between hospitals and physicians are very important, and the draft guidance does not address whether physicians or physician groups constitute “health care entities.”
• CMS does not define what a “shift” is so that hospitals may prevent impermissible floating between entities by shared staff.
• CMS does not define what “emergency services” would trigger EMTALA obligations for a hospital without an ER that contracts with a co-located hospital’s emergency department.

CMS also fails to address the sharing of an electronic health records system by co-located entities, or how the draft guidance affects compliance with provider-based requirements (as opposed to the Medicare CoP).

Finally, CMS notes that certain types of entities participating in Medicare have specific location and separateness requirements, such as psychiatric hospitals, ambulatory surgery centers, rural health clinics, and Independent Diagnostic Testing Facilities. This guidance does not address those specific requirements. Those entities should ensure that any co-location does not violate their CoP.

Any hospitals or other health care entities that may or do share space should review the proposed guidance in detail and submit comments by the July 2, 2019, deadline. We believe CMS will receive thousands of comments, which may cause CMS to change or expand the draft guidance before it is finalized.

According to the Department of Justice (DOJ), the opioid crisis in the United States is now a national public health emergency. Unfortunately, such pervasive opioid use is presenting prime opportunities for drug manufacturers, health care providers and pharmacies to make money by engaging in various illegal kickback schemes.

In the past 10 years, regulatory scrutiny has increased significantly for opioid prescriptions in light of its rising domestic use. This increase, coupled with more stringent insurance requirements tied to opioid prescriptions, has decreased the availability and accessibility of various opioids to everyday users. It also has affected drug manufacturers’ overall profitability as a result of decreased opioid sales. 

In this complicated environment, some drug manufacturers have resorted to finding new ways to incentivize doctors to prescribe opioids. The federal Anti-Kickback Statute (AKS), however, places limits on what drug manufacturers may do lawfully. The AKS prohibits offering, providing, soliciting or receiving certain forms of “remuneration” in exchange for prescriptions or referrals for prescriptions, if a federal health care program — such as Medicare or Medicaid — may pay some of the cost.

A recent example of such a kickback scheme is evidenced in the 10-week trial of the former chief executive officer and founder of Insys Therapeutics Inc., John Kapoor. On May 2, 2019, after 13 days of deliberation, the jury convicted Kapoor of participating in a classic kickback scheme to pay doctors bribes in exchange for prescribing fentanyl — an opioid 100 times more powerful than morphine. Following this conviction, touted as one of the most high-profile prosecutions related to the opioid crisis, Kapoor and his co-conspirators will be formally sentenced in September 2019.

As evidenced by the Kapoor trial, prosecutors are now increasing their efforts toward  prosecuting illegal kickback schemes in an effort to respond to the opioid crisis. In July 2018, the DOJ announced the rollout of Operation Synthetic Opioid Surge, a program designed to reduce the supply of opioids in high-impact areas. With this renewed energy toward combating the opioid crisis, the DOJ continues its approach to use every tool available to address opioid-related crime, including criminal prosecutions and civil enforcement actions.

For example, the DOJ has increasingly used the federal False Claims Act (FCA) to prosecute illegal kickback schemes related to opioid use. Under the FCA, the DOJ may seek treble damages — equal to three times the amount of the claim itself — as well as civil penalties. Notably, in 2017, the DOJ won a $7.5 million settlement against a leader of a large drug manufacturer of the opioid Abstral. There, the DOJ successfully alleged that the company paid multiple kickbacks to induce doctors to prescribe the drug in violation of the FCA.

Additionally, Congress passed the Eliminating Kickbacks and Recovery Act of 2018 (EKRA) to further increase law enforcement tools available to fight the opioid crisis. EKRA was specifically formulated to address kickback schemes where the AKS falls short, when federal health care programs are not involved. EKRA may impact recovery homes, treatment facilities and clinical laboratories.  

With the increased attention to opioid-related kickback schemes, drug manufacturers, health care providers and pharmacies should be vigilant about strictly complying with rules governing controlled substances and should carefully consider whether any remuneration could be viewed as a violation of the AKS or EKRA.

On April 23, 2019, the U.S. Department of Health & Human Services (HHS) published a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties (CMP) outlining interim annual limits for HIPAA violations. HHS believes the revised annual limits “reflect the most logical reading of the HITECH Act.” These amounts are subject to change pending further rulemaking.

The prior annual limits on CMPs were $1.5 million for any type of violation (no knowledge, reasonable cause, willful neglect – corrected, and willful neglect – not corrected). The new annual limits will be as follows:

1. No knowledge: $25,000;
2. Reasonable cause: $100,000;
3. Willful neglect – corrected: $250,000; and
4. Willful neglect – not corrected: $1.5 million.

HHS did not modify the amounts for minimum and maximum penalty per violation. Revising the annual CMP limits appears to be a step in the right direction by giving credit to those entities that have taken steps to meet and comply with HIPAA’s requirements. How these interim annual limits will be used against providers remains to be seen.

In November 2018, Missouri became the 33^rd state to approve the use of medical marijuana, and rules and regulations for medical marijuana are being drafted by the Missouri Department of Health & Senior Services (DHHS). On March 15, 2019, DHSS released more draft rules. Of the published draft rules, there is only one set that relates to physician certifications. However, hospitals and other health care providers will encounter numerous challenges once medical marijuana becomes available in Missouri in 2020.

One of the biggest challenges is the conflict between state and federal law. While the momentum seems to be growing for federal reform as more states allow medical and/or recreational marijuana use, marijuana is still illegal and is considered a Schedule 1 Controlled Substance Drug under federal law. A Schedule 1 Controlled Substance Drug is viewed by the federal government as having a high potential for abuse and has no legitimate medical use. Many hospitals and other health care providers are subject to federal law because they receive reimbursement from federal government payor programs such as Medicare and Medicaid and/or are 501(c)(3) non-profit organizations. Health care providers could place their Medicare and Medicaid participation and, if applicable, 501(c)(3) status, at risk because of the different federal rules that do not currently recognize legal marijuana use for any purpose.

Missouri’s Amendment 2 provides that physicians and health care providers who (a) own, operate, invest in, work at or contract with a cultivation facility, marijuana-infused product manufacturing facility or dispensary, or (b) issue a certification to a qualifying patient, may not be subject to criminal or civil liability or sanctions under Missouri law, or discipline by the Board of Healing Arts. However, those physicians and health care providers could be subject to federal sanctions by the U.S. Drug Enforcement Administration or found to be in violation of the federal Controlled Substances Act. In 2013, the U.S. Department of Justice issued a policy memorandum (the “Cole Memo”) indicating it would not use DOJ resources to prosecute offenses relating to marijuana in states where marijuana use was legally implemented. The Cole Memo was rescinded by then-Attorney General Jeff Sessions in 2018. No further official policy statements have been provided, although recent statements by the new attorney general, William Barr, signal that change may be coming. Clarification is needed.

Aside from potentially facing criminal liability and loss of Medicare or Medicaid billing privileges and non-profit status, there are numerous operational and employment-type decisions hospitals will need to address as medical marijuana becomes available in Missouri. For example, a hospital should anticipate that some inpatients using medical marijuana will want to bring it to the hospital to self-administer while admitted. How will the hospital handle that situation? Will medical marijuana be considered a “medication” and treated the same as other self-administered medications? Can medical marijuana be kept in the hospital? The federal/state law conflict and the fact that state regulations are not yet finalized create significant challenges for health care providers.

As employers, hospitals and other health care providers will have to consider numerous employment issues such as disability discrimination and accommodations, patient safety issues, workplace impairment, unemployment compensation, workers’ compensation, and drug testing.  Missouri employers should already be working to update existing policies or create new policies as necessary to be ready to address these issues when medical marijuana becomes legal in 2020.

The Missouri DHHS is drafting regulations related to medical marijuana. Interested hospitals and health care providers should work with their elected representatives or professional organization, on both a federal and state level, to advocate for regulations that will address the important issues facing health care businesses. A change to the federal law is needed to remove the barriers and uncertainty health care providers face as a result of conflicts between lawful state activities and current federal prohibitions.

Because of the uncertainties and rapid changes in the laws regarding medical marijuana, hospitals and other health care providers planning to own, operate, invest in, work at or contract with a cultivation facility, marijuana-infused product manufacturer or dispensary should work with qualified legal counsel to ensure ongoing compliance with federal and Missouri law. Please contact an attorney in our Health Care Practice Group or Employment & Labor Practice Group if you have questions about these issues.

The expansion of telehealth is changing the landscape of health care. This is the second in a four-part series exploring what providers should know about this growing area.

Before 2015, Medicare did not pay separately for telehealth, and telehealth and telemedicine services were bundled into “evaluation and management” codes. However, in 2015, the Center for Medicare & Medicaid Services (CMS) added further telehealth coverage. CMS has added seven telehealth billing codes, including codes for psychotherapy, prolonged office visits and annual wellness visits conducted electronically. CMS also began paying for remote patient monitoring for chronic conditions.

CMS has reimbursed providers for remote patient face-to-face services via live video conferencing requirements when the eligible beneficiary in the originating site is located outside of a Metropolitan Statistical Area (MSA) for eligible medical services, and the telehealth is provided by eligible providers (physicians, nurse practitioners, and/or physician assistants) and by an eligible facility. If these requirements are met, the practitioner delivering services will be reimbursed for medical services in the same amount as the current fee schedule and nonmetro facility eligible for facility fee. However, Medicare reimbursement for telehealth continues to be available only at clinical sites in rural areas. CMS restricts telehealth services to beneficiaries that live in counties outside of a MSA and within a health professional shortage area (HPSA) as designated by the federal government.

Medicare does not cover home health services that are provided via telehealth. Medicare reimbursement is not permitted for any covered home health services paid under the home health prospective payment system. In addition, Medicare does not reimburse for remote non-face-to-face services, as such services are not considered to be telehealth by CMS and are covered as on-site services. An example of remote non-face-to-face services is an interpretation of an electrocardiogram that has been transmitted via telephone.   

Included in the bipartisan budget deal signed by the president to end the government shutdown, Congress passed a short-term funding package on Feb. 8, 2019, that included two years of funding for several health care programs. FAST (Furthering Access to Stroke Telemedicine) Act was included in this budget deal. FAST expands telemedicine for stroke by requiring Medicare to reimburse for telestroke services regardless of where a patient receives treatment.

Next in our telehealth series: Medicaid Coverage for Telehealth. Read the previous installment here.

The Centers for Medicare & Medicaid Services (CMS) has found that hospitals are increasingly operating “off-campus, outpatient, provider-based” departments. Services provided at these off-campus facilities are required to be billed using the off-campus facility’s address so that payment can be accurately made under the Medicare Physician Fee Schedule (MPFS) or the Outpatient Prospective Payment System (OPPS).

Beginning in April 2019 — and no, this is not an April Fool’s joke — CMS will begin returning OPPS claims where the address on the claim does not match the exact address appearing on the hospital’s Form 855A.

And by “exact address,” CMS means the exact address on the 855A. A claim will be returned for using “Rd.” instead of “Road,” or “Ste.” instead of “Suite,” depending on how it was originally spelled on the 855A.

This should only affect OPPS providers with multiple practice locations. To avoid having claims returned, your hospital should ensure that the practice locations listed on its Form 855A are up to date and that any claims submitted match the address on file with CMS exactly.

This is also a good opportunity to review your hospital’s Form 855A and correct any information that is no longer accurate.

The battle over health benefits rages on. In the latest salvo, a group of states scored a major court victory against the Trump administration’s new “Association Health Plan” Final Rule, which was finalized in 2018. While this decision will have major ramifications, it is important to remember that association health plans may still be established under old rules that existed long before the final rule.

The case is styled New York v. United States Dep’t of Labor, No. CV 18-1747 (JDB), 2019 WL 1410370 (D.D.C. Mar. 28, 2019).

Background

The final rule expanded existing guidance from the Department of Labor (DOL). The old guidance allowed only a “bona fide” association of employers in a particular industry to provide health benefits, in order for those benefits to be treated as a single plan (as opposed to separate plans established by each individual employer). The new guidance allowed employers who are in completely unrelated industries to form a single plan, so long as they were all in the same state or metropolitan area, and it allowed sole proprietors without any common law employees to join, too.

The final rule caused a ruckus, since these association health plans could avoid many requirements under the Patient Protection and Affordable Care Act (ACA) and significantly cut back benefits. Importantly, however, states retained tremendous freedom to regulate association health plans. States could potentially mandate their own essential health benefits or ban association health plans altogether.

The final rule acknowledged the view of several commenters that the new rules were an invalid attempt to create a loophole through the ACA’s strict requirements for individual and small group health plans. The DOL went ahead despite those comments and was promptly sued by 11 states and the District of Columbia.

The decision

On March 28, 2019, the U.S. District for the District of Columbia ruled in favor of the states, vacating three critical subsections of the new regulation created by the final rule — specifically, subsections (b), (c), and (e) of 29 C.F.R. § 2510.3-5. The court held that:

• Allowing employers linked only by geography to constitute a single employer is inconsistent with ERISA, since such groups more “closely resemble entrepreneurial, profit-driven commercial insurance,” as opposed to an association acting as an “employer”;
• Counting sole proprietors as both employers and employees is inconsistent with the text and purpose of ERISA; and
• The final rule leads to absurd results under the ACA.

The court used colorful language in the opinion, stating that the “Final Rule is clearly an end-run around the ACA,” that it relies on a “tortured reading” of the ACA, and that the DOL’s legal reasoning is “pure legerdemain” (i.e., sleight of hand).

Technically, the case has been remanded to the DOL to determine what, if anything, survives the court’s ruling, and the decision is sure to be appealed. But, practically speaking, the final rule is dead for now. No associations or employers should rely on the final rule to form an association health plan.

Association health plans under old rules still valid

In the meantime, it is important to remember that the opinion did nothing to upset the DOL’s sub-regulatory guidance issued prior to the now-vacated final rule. These old rules are still in effect and can still be relied upon to form a “bona fide” employer association and provide a single health plan under ERISA. However, certain limitations will exist. For example:

• Sole proprietors will not be able to join the association;
• The association cannot be created for the purpose of providing health benefits; and
• All of the association’s members must have a “commonality of interest” — employers linked by nothing but geography cannot form a single association health plan.

Depending on what a group wants to do, the decision in New York v. United States Dep’t of Labor may or may not have a large impact.