The Federal Trade Commission (FTC) continues to prioritize the protection of consumers’ digital health information. The agency has demonstrated this commitment through enforcement actions against GoodRx and BetterHelp for sharing consumer health information for advertising purposes (see our blog posts on each respective action here and here), and in a post published by the FTC Office of Technology on March 16, 2023, titled “Lurking Beneath the Surface: Hidden Impacts of Pixel Tracking.” The FTC post provides a deep dive on the technical aspects of the GoodRx and BetterHelp enforcement actions, including a primer on pixel tracking technology and how it works to collect data and personal information of website visitors and users of mobile apps. The post also confirms that the GoodRx and BetterHelp enforcement actions arose from the companies’ sharing of consumers’ health information with tracking technology vendors. In light of these recent developments, digital healthcare platforms must understand how they collect, use, and share consumer health information.
There are multiple components to the risk defendants must consider when faced with going to trial for a matter involving the False Claims Act (FCA). Setting aside the incalculable impact that litigation can have on business operations, the statute itself anticipates repayment of the proven overpayment, treble damages, and exposure to a civil statutory penalty equal to a range between $13,508 and $27,018 per false claim. Combined, the trebling effect of a jury award plus the draconian statutory penalties in FCA matters could create an existential crisis for a defendant that opts to take an FCA matter to trial and then loses.
Following its February settlement with GoodRx, the Federal Trade Commission (FTC) has fired another shot across the bow in its ongoing campaign to protect consumers’ digital health information. Earlier this month the FTC announced a consent order with BetterHelp, Inc., an online mental health counseling service, to resolve alleged violations of the Federal Trade Commission Act (FTC Act) related to the company’s collection, use, and sharing of customers’ health information.
We are not surprised by the continued stop-and-go regarding guidance surrounding the No Surprises Act. Most recently, a Texas court vacated portions of the No Surprises Act’s updated final rule (the final rules were discussed in our most recent blog on the subject). This created a domino effect, leading to the Departments of the Treasury, Labor, and Health and Human Services (the Departments) to inform certified independent dispute resolution (IDR) entities to halt, and then semi-halt, and then re-start payment determinations.
The Federal Trade Commission (FTC) didn’t mince words. On September 2021, it called out the health app industry for failing to understand the agency’s Health Breach Notification Rule (HBNR) and for not disclosing its breaches. Apparently dissatisfied with the industry’s response, the agency enforced the HBNR against GoodRx for the first time since the rule was released more than a decade ago.
A Florida “resident physician” is someone who has completed their internship and graduated from medical school but is not yet licensed as a Florida medical doctor or osteopathic physician and who registers with the Department of Health as a resident physician. Resident physicians have to complete at least a one-year residency before they can take the licensing examination and become licensed physicians. As part of the process of training new physicians, Florida allows resident physicians to utilize the hospital’s Drug Enforcement Administration (DEA) registration number to prescribe controlled substances listed in Chapter 893, FS, in the normal course of their employment. (Section 458.345, FS). The hospital assigns a suffix to the hospital’s number for each resident. But where can these registrations be used?
Medicaid providers and suppliers have likely discovered this the hard way. A provider’s or supplier’s enrollment in the Medicaid program may be insufficient to assure that their provision of a covered and medically necessary good or service to a Medicaid patient will be deemed reimbursable. That is because the Medicaid program will also look at the enrollment status of the provider who Referred, Ordered, Prescribed or Attended (ROPA) the patient referred to the Medicaid provider or supplier. If that ROPA provider is not a Medicaid provider or enrolled as a ROPA provider, the chain of Medicaid eligibility will be broken and that claim from the recipient of the referral will be denied.
Are State Attorneys General expanding their reach in this Post-Dobbs world? On February 1, 2023, twenty state Attorneys General signed letters to both CVS and Walgreens warning the giant retail pharmacies against mailing medications that could potentially be used to induce abortions. These letters are most notable for the legal posture they assume. The state Attorneys General penning this letter are purporting to emphasize enforcement of federal law (18 U.S.C. § 1461), not the state law of the respective states these Attorneys General represent. Press reports state that CVS and Walgreens plan only to distribute abortion-inducing medications where it is legal to do so. Nevertheless, these warning letters assert that each Attorney General has the right to enforce federal law—typically the purview of federal prosecutors—against any retail pharmacy that mails abortion-producing medications within, to, or from jurisdictions that are less restrictive with respect to abortions.
It has already been a busy 2023 for the U.S. antitrust enforcement agencies. Right on the heels of the Federal Trade Commission’s announcement of a proposed rule that potentially would ban non-compete agreements nationally, on February 3, 2023, the United States Department of Justice’s Antitrust Division (“DOJ”) announced the withdrawal of three antitrust policy statements related to enforcement in healthcare markets. Published in 1993, 1996, and 2011, these statements have been relied upon heavily by the healthcare industry and their counsel, even though these guidance documents are non-binding and do not create legal rights or obligations. Specifically, the 1993 statement created safety zones where the DOJ and the Federal Trade Commission would not challenge certain hospital mergers, hospital joint ventures involving technology and expensive medical equipment, physician provision of information to purchasers of healthcare services, hospital participation in exchanges of price and cost information, joint purchasing arrangements among healthcare providers, and physician network joint ventures. The 1996 statement also addressed these safe harbors but added a safe harbor for multi-provider networks, and the 2011 statement specifically addressed enforcement policy related to accountable care organizations participating in the Medicare Shared Savings Program.
What does it mean to “knowingly” or “recklessly” violate the law when that law consists of highly complex and ever-changing regulations, which may be open to interpretation? The U.S. Supreme Court recently agreed to review that question in two consolidated cases from the Seventh Circuit: U.S. ex rel. Tracy Schutte, et al. v. SuperValu Inc., et al. and U.S. ex rel. Thomas Proctor v. Safeway, Inc (collectively, “SuperValu”). The central question before the Supreme Court is whether a relator can allege a cognizable claim under the False Claims Act (FCA) if a defendant can prove that it acted in accordance with an objectively reasonable interpretation of regulations.