Articles Posted in COVID-19

Published on:

On November 15, 2021, the Department of Health and Human Services (HHS) issued a press release explaining the agency’s intent to withdraw a policy established during the Trump Administration that limited the Food and Drug Administration’s (FDA) ability to regulate COVID-19 laboratory-developed tests (LDTs). The new policy allows the FDA to require clinical labs to submit emergency use authorization (EUA) requests for such tests. On the same day, FDA published a revised Policy for Coronavirus Disease-2019 Tests During the Public Health Emergency and an Umbrella EUA for serial testing using certain LDTs, as well as updated the majority of its FAQs on Testing for COVID-19.

In an FDA press release also published on November 15, the agency outlined its current areas of focus for EUA reviews:

  • At-home and point-of-care (POC) diagnostic tests for use with or without a prescription and that can be manufactured in high volumes;
Published on:

After a hiatus during the height of the COVID-19 pandemic, Medicare audits have resumed in full force. Providers and suppliers should be prepared to respond to audits that were paused during the pandemic, the initiation of new audits, and audits relating to the various pandemic relief programs.

In early 2020, the Centers for Medicare and Medicaid Services (CMS) directed its contractors to pause audit activities as auditors were unable to work in the office and healthcare providers were reeling from the multiple impacts of the pandemic. CMS both paused in-progress audits and temporarily halted the initiation of new audits.

In late 2020, CMS authorized Medicare Administrative Contractors (MACs) to resume post-payment audits. Over the last year, CMS has authorized the resumption of nearly every type of audit and the initiation of new audits. As Medicare contractors process these directives and restart their audit activities, Medicare provides are seeing a wave of documentation requests, audit determinations, overpayment demands, and appeal decisions. Audits and claims appeals that have been dormant for a year or longer are suddenly active. New audits are being initiated for the first time in over year. And, in addition to audits by Medicare and other payors, providers must face compliance challenges and potential audits from pandemic relief programs, such as the Provider Relief Fund.

Published on:

On November 5, 2021, the Centers for Medicare and Medicaid Services (CMS) released an interim final rule with comment period to require COVID-19 vaccination for staff of certain healthcare providers. The rule applies only to certain providers, but is expansive in scope where it is applicable. Under the rule, affected staff must receive their first vaccine dose by December 6, 2021 and be fully vaccinated by January 4, 2022.

The CMS vaccine requirement does not apply to all Medicare-enrolled providers and suppliers. CMS issued the mandate under its authority to set Conditions of Participation for certain providers. Therefore, only these specific, Medicare-certified provider types are directly subject to the requirement:

  • Ambulatory Surgical Centers (ASCs)
Published on:

UnitedHealth Group has agreed to reprocess the entirety of its commercial claims related to COVID-19 vaccine administration. The move comes after federal investigators concluded that UnitedHealth, as the nation’s largest insurer, paid “millions” of providers 40% less than the Medicare rate for vaccinating patients. According to a letter from the Senate Aging Committee, UnitedHealth is responsible for identifying how many providers’ bills from March to July 2021 need to be repaid and must provide the Committee with information regarding to who and how much the insurer owes by November 5. UnitedHealth’s change in position is a welcome occurrence for healthcare providers, who have often encountered difficulties when seeking reimbursement from commercial insurers for COVID-19 related services, especially vaccine administration and COVID-19 diagnostic testing.

This past week, the UnitedHealth added a statement to its website explaining that it understands “the importance of reimbursement to providers and the effect it has on ensuring they are able to provide vaccinations” and that it will adjust claims paid below the Medicare rate between March 15 and June 30, 2021. The statement further informs providers that UnitedHealth will repay in-network providers and will adjust claims paid less than $40 during that period. The company also notes that, in response to questions it has received about COVID-19 vaccine reimbursement rates for in-network providers, it has “been using the CMS $40 reimbursement value as the basis to pay providers since July 1st,” and in-network providers “do not need to take any action for these adjustments to be processed.”

Although UnitedHealth is not legally required to pay providers the recommended federal rate, federal investigators confirmed it was the only national insurance carrier that had not agreed to pay at least $40 for vaccine administration. Unlike many other medical services, federal legislation in this area prohibits providers from balance billing patients for costs related to the COVID-19 vaccine. Following a determination earlier this year in March by the American Medical Association that the existing rate did not cover the costs associated with administering the vaccine, CMS significantly increased the average payment for COVID-19 immunizations from $28 to $40 for single-dose vaccines and from $45 to $80 for two-dose vaccines. The agency expressed its expectation that commercial carriers should follow suit in offering clinicians a reasonable rate.

Published on:

In response to the mounting nationwide shortage of healthcare workers, one state will allow certain healthcare workers to practice solely on out-of-state licenses. This move may signal similar actions by other states and could have wide-ranging implications for the delivery of healthcare services.

During the height of the COVID-19 pandemic, many states waived requirements that healthcare providers, including in some cases physicians and nurses, be licensed in a particular state to provide services in that state. Often, states allowed a provider licensed and in good standing in any state to providers services to patients within the state based on the provider’s out-of-state licenses. This regulatory flexibility allowed more efficient delivery of care during the pandemic. The greatest efficiency was likely added to the delivery of telemedicine. Quite simply, there is often no technical or practice-related reason why a provider seeing patients via telemedicine must be licensed in the same state as their patient. By waiving regulatory obstacles, providers could practice across state lines by telemedicine and help deliver care to where it was needed most.

However, most of these regulatory flexibilities were only temporary and have since ended, meaning that physicians and providers again must often be licensed in a state to provide services to patients within that state. However, while these flexibilities have largely ended, the shortage of physicians and other healthcare workers, which pre-dates the pandemic, have only grown more acute during the pandemic. In response to these shortages, Nebraska will allow some healthcare workers, including PT, OT, and SLP therapists, to practice in Nebraska without a Nebraska license if the provider is licensed in another state. This move is currently only temporary and does not extend to physicians or nurses.

Published on:

On September 30, 2021, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued guidance to help consumers, businesses, and healthcare entities understand when the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule applies to disclosures and requests for information about an individual’s COVID-19 vaccination status. As a preliminary note, the guidance reminds readers that the HIPAA Privacy Rule does not apply to employers or employment records. The Privacy Rule only applies to HIPAA covered entities, which include health plans, healthcare clearinghouses, and healthcare providers that conduct standard electronic transactions and, in some cases, to their business associates.

The guidance initially answers a highly popular and controversial question in light of the COVID-19 pandemic. According to the OCR guidance, the HIPAA Privacy Rule does not prohibit businesses or individuals from asking whether their customers or clients have received a COVID-19 vaccine. Because individuals or entities such as businesses are not covered entities, the Privacy Rule generally does not apply to them. The Privacy Rule does not regulate the ability of covered entities and business associates to request information from patients or visitors. Rather, the Privacy Rule regulates how and when covered entities and business associates are permitted to use and disclose protected health information (PHI), for example COVID-19 vaccination status, that covered entities and business associates create, receive, maintain, or transmit. In the opposite direction, the Privacy Rule does not prevent customers or clients of a business from disclosing whether they have been vaccinated. The Privacy Rule does not apply to individuals’ disclosures about their own PHI.

The guidance proceeds to inform readers that employers are not prohibited under the Privacy Rule from requiring employees to disclose whether they have received a COVID-19 vaccine to the employer, clients, or other parties. Generally, the Privacy Rule does not regulate what information can be requested from employees as part of the terms and conditions of employment that an employer may impose on its employees. However, other federal or state laws address terms and conditions of employment. Federal anti-discrimination laws generally do not prevent an employer from choosing to require that all employees physically entering the workplace be vaccinated against COVID-19 and provide documentation or other confirmation that they have met this requirement. Under the Americans with Disabilities Act (ADA), documentation or other confirmation of vaccination must be kept confidential and stored separately from the employee’s personnel files. Similarly, the Privacy Rule does not prohibit a covered entity or business associate from requiring its employees to disclose to their employers or other parties whether employees have received a COVID-19 vaccine. The Privacy Rule also generally does not apply to employment records, including employment records held by covered entities and business associates acting in their capacity as employers.

Published on:

The Department of Justice (DOJ) recently announced a plea agreement regarding an alleged $73 million scheme to defraud Medicare that illustrates some of the pitfalls of compliance with the Anti-Kickback Statute (AKS). DOJ alleged that the owners of a clinical laboratory, Panda Conservation Group, LLC, and a telemedicine company, 1523 Holdings LLC, conspired to pay kickbacks in exchange for work arranging telemedicine providers to order genetic testing at Panda’s laboratories. While the parties had an agreement for IT and consultation services, DOJ alleged that this contract was a “sham” to hide the kickback payments and that the telemedicine company abused temporary, pandemic-responsive amendments to telehealth restrictions to refer beneficiaries to the laboratory for expensive and medically unnecessary cancer and cardiovascular genetic testing.

The Anti-Kickback Statute (42 U.S.C. § prohibits a person from knowingly offering, paying, soliciting, or receiving anything of value to induce or reward referrals for services covered by a Federal Healthcare Program. A Federal Healthcare Program is any program that provides health benefits, whether directly or through insurance, which is funded by the United States Government or any State health care program. A violation of the Anti-Kickback statute is a criminal offence and can carry severe penalties, including fines, prison sentences, and potential exclusion from participation in Federal Healthcare Programs in the future.

Since some referrals are necessary to optimize patient care, the Statute provides exceptions called “safe harbors” that permit certain arrangements that follow specific requirements. In the event an arrangement does not meet a safe harbor requirement, the arrangement will be considered on a case-by-case basis. Special care must be taken structure arrangements to comply with the AKS and its safe harbors.

Published on:

On September 10, 2021, the U.S. Department of Health and Human Services (HHS) announced that it would make $25.5 billion in new funding available for healthcare providers affected by the COVID-19 pandemic. This funding includes allocations of $8.5 billion in funding from the American Rescue Plan (ARP) for providers who provide services to rural Medicaid, Children’s Health Insurance Program (CHIP), or Medicare patients, as well as an additional $17 billion in Provider Relief Fund (PRF) Phase 4 funding for a broad range of providers who can document expenses and lost revenue associated with the COVID-19 pandemic.

PRF Phase 4 payments are based on providers’ lost revenue and expenditures between July 1, 2020 and March 31, 2021, in conformity with the requirements of the Coronavirus Response and Relief Supplemental Appropriations Act of 2020 (CRRSAA). PRF Phase 4 is intended to reimburse smaller providers for their lost revenues and pandemic-related expenses at a higher rate compared to larger providers. This characteristic stems from the Biden Administration’s ongoing commitment to social equity, as smaller providers tend to operate on thinner margins and often serve vulnerable or isolated communities when compared to larger providers. Because Medicaid, CHIP, and Medicare patients tend to be lower income and have greater and more complex medical needs, PRF Phase 4 will also include bonus payments for providers who serve these individuals. HRSA will price these bonus payments at the generally higher Medicare rates to ensure equity amongst providers serving low-income children, pregnant women, people with disabilities, and seniors. In parallel, HRSA will make ARP payments to providers based on the amount of Medicaid, CHIP, and/or Medicare services they provide to patients who live in rural areas as defined by the HHS Federal Office of Rural Health Policy. For both programs, HRSA will use existing Medicaid, CHIP, and Medicare claims data to calculate payments.

In order to streamline the application process, providers will apply for both the PRF and ARP programs in a single application. To help ensure that provider relief funds are used for patient care, PRF recipients will be required to notify the HHS Secretary of any merger with, or acquisition of, another healthcare provider during the period in which they can use the payments. Providers who report a merger or acquisition may be more likely to be audited to confirm their funds were used for pandemic-related expenses. The application portal will open on September 29, 2021. Moreover, HHS is also releasing detailed information about the methodology utilized to calculate PRF Phase 3 payments in order to promote transparency in the PRF program. Providers who believe their PRF Phase 3 payment was not calculated correctly according to this methodology will now have an opportunity to request a reconsideration. Specific details on the PRF Phase 3 reconsideration process have yet to be announced.

Published on:

Demonstrating its commitment to audit Provider Relief Fund (PRF) recipients, the Department of Health and Human Services (HHS) has hired several outside contractors to provide audit or program integrity services relating to the PRF. The PRF is a $175 billion fund created by Congress through the CARES Act and administered by HHS (and its sub-agency the Health Resources and Services Administration or HRSA) to provide financial relief to healthcare providers during the COVID-19 pandemic. HHS has subdivided the PRF into various general and targeted distributions. These distributions were paid to providers in several waves between April 2020 and the present.

Publicly available contracts provide a glimpse into HHS’s actions regarding the PRF. Over the last year, HHS has contracted with KPMG to provide “program integrity support,” Kearney & Company to provide “PRF Audit support services,” and Creative Solutions Consulting to provide “audit and financial review services.” Combined, HHS has committed approximately $5.5 million to these contracts. Reports indicate HHS has hired PricewaterhouseCoopers and Grant Thornton, as well.

Although HHS’s retention of contractors is nothing new, these agreements signal to providers that HHS is not taking PRF reporting lightly. Providers who received and retained payments through the PRF are required to file reports justifying their use of the funds and documenting their compliance with the terms and conditions of the payments. Providers must report information on healthcare-related expenses attributable to coronavirus, lost revenue attributable to coronavirus, other pandemic assistance received, and administrative data. Providers who received more than $500,000 in aggregate payments are required to report some data elements in greater detail, including specific information regarding operations, personnel, supplies, equipment, facilities, and several other categories. Thus, some providers will be required to report significant amounts of financial information in considerable detail.

Published on:

According to data from the Pharmacy Audit Assistance Service (PAAS) National, the Covid-19 Public Health Emergency (PHE) has negatively affected pharmacies navigating audits by Pharmacy Benefit Managers (PBM). PBMs are companies who are primarily responsible for developing and maintaining drug formularies, contracting with pharmacies, negotiating discounts and rebates with drug manufacturers, and processing and paying prescription drug claims. PBMs manage prescription drug benefits on behalf of health insurers, Medicare Part D drug plans, large employers, and other payers. PBMs routinely conduct audits on member pharmacies in order to monitor pharmacies’ performance and identify alleged improper payments made to the pharmacies. However, PBMs have been criticized for overstepping those audit functions by utilizing audits as a source of revenue for themselves at the expense of independent pharmacies and patients.

In response to the PHE, many state insurance agencies and PBMs themselves suspended in-person audits in 2020 and shifted to virtual audits. The virtual nature of a PBM audit means pharmacies are responsible for a greater workload because they must complete tasks that would normally be completed by a PBM during a field audit. For example, pharmacies must locate, organize, and deliver hundreds of pages of documents and records in compliance with PBMs’ standards, while managing the day-to-day pharmacy operations. Although virtual PBM audits allows benefit managers to review more pharmacy claims than during traditional in-person audits, it also allows them to potentially deny more claims than before.

According to PAAS National, even though the number of pharmacy audits in 2020 declined nearly 14% year over year, the overall number of prescriptions reviewed increased by 40%. PAAS data also shows that the average audit in 2020 cost pharmacies $23,978, which is 35% more than the annual average over the previous five years. This data further implies that pharmacies are shouldering more of the administrative burden of responding to audits in addition to the task of pursuing a subsequent appeal where the PBM denies claims during an audit.

Contact Information