North America

Federal District Court Vacates QPA Rebuttable Presumption Provisions of No Surprises Act Regulations

On February 23, 2022, in the case captioned Texas Med. Ass’n v. U.S. Dep’t of Health & Human Servs., No. 6:21-cv-00425-JDK (E.D. Tex.), the U.S. District Court for the Eastern District of Texas issued the first major judicial decision addressing implementation of the new federal No Surprises Act, which went into effect nationally on January 1, 2022.  The Court’s decision significantly alters the landscape for claims qualifying for the No Surprises Act’s Federal Independent Dispute Resolution Process (IDRP), an arbitration process designed to resolve certain reimbursement disputes between commercial payors and out-of-network health care providers or emergency facilities.

Read full article

Cookies Resulting in Cross Border Transfers of Personal Data to the United States Draw Scrutiny from European Data Privacy Regulators

Recent decisions from the European Union (EU) have placed renewed focus on the use of common cookies used on ecommerce and other websites used by consumers and employees and transfers of personal data collected through cookies to the United States. The EU Data Protection Authorities (DPAs) found that the use of widely used website technologies (i.e., cookies and java script) to automatically collect identifiers from the users’ devices or through their use of internet protocols (e.g., IP addresses) resulted in the collection of personal data. The DPAs further found that the subsequent transfer of this data to Google servers located in the United States violated EU cross-border data transfer requirements because there were inadequate safeguards under the Schrems II decision invalidating the EU-US Privacy Shield. One notable impact of the decisions is to dismiss the adequacy of encryption technologies where the service provider (such as Google) has access to the cryptographic key and can be compelled to surrender it in order for the data to be decrypted and read by U.S. surveillance authorities. Consideration of the impact of these decisions is critically important for ecommerce and other websites operating in the EU, as well as more generally for organizations that transfer personal data of consumers and employees to the U.S.

Read full article

CISA Encourages “Shields Up” to Protect Operations and Workers as Cyber War Ramps Up

The U.S. Cybersecurity and Infrastructure Agency (CISA) has urged a “Shields Up” defense in depth approach, as Russian use of wiper malware in the Ukrainian war escalates. The Russian malware “HermeticWiper” and “Whispergate” are destructive attacks that corrupt the infected computers’ master boot record rendering the device inoperable. The wipers effectuate a denial of service attack designed to render the device’s data permanently unavailable or destroyed. Although the malware to date appears to be manually targeted at selected Ukrainian systems, the risks now escalate of a spillover effect to Europe and the United States particularly as to: (i) targeted cyber attacks including on critical infrastructure and financial organizations; and (ii) use of a rapidly spreading indiscriminate wiper like the devastating “NotPetya” that quickly moves across trusted networks. Indeed, Talos researchers have found functional similarities between the current malware and “NotPetya” which was attributed to the Russian military to target Ukranian organizations in 2017, but then quickly spread around the world reportedly resulting in over $10 billion dollars in damage.[1] The researchers added that the current wiper has included even further components designed to inflict damage.

Read full article

Vaccine Requirements – United States: Massachusetts

Over the past year, it has become increasingly common for employers in Massachusetts to establish and enforce mandatory COVID-19 vaccination policies. Such policies are legal and appropriate in Massachusetts. Unless required by law (see below), implementation of mandatory vaccination policies is at the discretion of the employer. Other than strict mandatory vaccination requirements for all employees, options include an alternative to vaccination in the form of regular testing, masking and social distancing requirements. Also, depending on such considerations as the nature of your business, the various duties and conditions of employment of your workforce, whether your employees are on site or remote, and whether they interact with the public, it may be reasonable to establish and enforce different policies for different groups of employees. It is recommended that employers carefully consider what makes sense for their needs and the needs of their employees. Read more…

Read full article

Vaccine Requirements – United States

In the United States, the federal government has faced challenges in imposing vaccination mandates for large private employers, federal contractors, and certain health care employees. Because of that, choices around vaccination mandates have largely been left to private employers, in compliance with state and local laws relating to vaccination status. While some locations have mandated vaccination for private employers (New York City), others have placed restrictions on private employers’ ability to impose vaccine mandate (e. g., Florida, Texas, Utah, etc.). Below is a summary of two of these rules, to show how U.S. jurisdictions are treating vaccine mandates.

Read more…

Read full article

Podcast: Interoperability: The Provider Perspective – Diagnosing Health Care

New from the Diagnosing Health Care Podcast:  One of the long-term goals of the interoperability and information-blocking rules is to give health care providers a much more comprehensive view of a patient’s entire continuum of care.

In this episode, Andrea Darby, the Vice President of IT Integration – Applications for OhioHealth, offers a provider’s perspective on their role in a health care ecosystem that is striving to achieve much-needed interoperability.

Read full article

Podcast: Owner’s Outlook: Vaccine Mandate for Construction Workers at Health Care Facilities – Diagnosing Health Care

In this episode of the Diagnosing Health Care Podcast:  The Supreme Court recently upheld the Centers for Medicare and Medicaid Services (CMS) vaccine mandate, which requires recipients of federal Medicare and Medicaid funding to ensure that employees, including third- party contractors, are vaccinated against COVID-19. The Court’s decision has clear implications for owners of health care facilities and their contractors with active construction work in 2022 and beyond.

Read full article

CMS Releases No Surprises Act State Enforcement Letters

During a National Stakeholder Call on January 18, 2022, Ellen Montz—Deputy Administrator and Director of the Center for Consumer Information and Insurance Oversight (CCIIO) at the Centers for Medicare and Medicaid Services (CMS)—announced that CMS had begun publishing state-specific letters (the “Enforcement Letters”) detailing anticipated Federal and state responsibilities with respect to enforcement of the No Surprises Act (NSA) on the CCIIO website. Although CCIIO has yet to publish Enforcement Letters for a minority of states,[1] the Enforcement Letters that have been published provide critical details regarding how the NSA intersects with existing state laws and CMS’s expectations regarding NSA enforcement in each state.

Read full article

New York HERO Act COVID-19 Designation Extended Again: Safety Plans Required through March 17, 2022

New York employers seeking further relaxation of COVID-19 mitigation protocols after the recent lifting of a statewide mask mandate will have to wait. The designation of the virus as a “highly contagious communicable disease that presents a serious risk of harm to public health” that had been extended through February 15, 2022 was extended yet again. An order by the New York State Commissioner of Health continues the designation, made pursuant to the New York HERO Act, through March 17, 2022. This means that New York employers must continue to implement their safety plans, including daily screening of employees working onsite. The New York State Department of Labor recently issued an updated model safety plan with recommendations, as opposed to requirements, regarding usage of masks indoors.

Read full article

Podcast: Chevron Deference: Is It Time for Change? – Diagnosing Health Care

In this episode of the Diagnosing Health Care Podcast:  This term, the Supreme Court of the United States is set to rule in a Medicare reimbursement case that has sparked a fresh look at the historical deference often granted to agencies and whether it should remain, be modified, or even be overruled.

Attorneys Stuart GersonRobert Wanerman, and Megan Robertson discuss why Chevron deference matters to health care industry stakeholders and what aspects of deference arguments should be in focus as these cases progress.

Read full article