On December 19, 2022, the U.S. Department of Health and Human Services (“HHS”) through the Centers for Medicare & Medicaid Services (“CMS”) issued a proposed rule to adopt standards for certain electronic health transactions.  Specifically, the proposed rule would adopt standards for health care attachment transactions (e.g., medical charts, x-rays, provider notes) and electronic signatures to be used in conjunction with health care attachments, and modify the standard for referral certification and authorization transaction.  The proposed rule would apply to entities regulated by the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (collectively, “HIPAA”), and would implement certain requirements of the Administrative Simplification subtitle of HIPAA and the Patient Protection and Affordable Care Act (“ACA”) that require the Secretary of HHS to adopt and update standards for electronic health transactions, code sets, unique identifiers, as well as the electronic exchange for health information.

The proposed rule is primarily focused on creating standards for health care attachment transactions for three general use cases related to the submission of electronic documentation: (1) prior authorization; (2) solicited documents; and (3) unsolicited documents.  According to the proposed rule, nearly every health plan requires that providers submit additional information and/or documentation beyond that contained in a HIPAA transaction; however, while there is currently an adopted HIPAA transaction standard for the prior authorization request and response, there is no way for the provider to submit documentation to support a prior authorization electronically using HIPAA standards.  As a result, providers are often forced to use manual processes, such as physical mail, fax, or internet web portals to submit this information. 

In addition, the proposed rule would create a standard for an “electronic signature,” which is intended to accompany health care attachments transactions.  An electronic signature is meant to serve as the indication to health plans and providers that attachment information has been reviewed and approved by the appropriate entity that is supervising care.  The proposed rule also would adopt a modification to the standard for referral certification and authorization transaction with the aim to, among other goals, reduce the barriers related to adopting value-based payments.

More broadly, the proposed rule raises strategic considerations for companies partnering with regulated stakeholders to ensure electronic health information technologies are able to meet these and other requirements while navigating other legal issues presented by health technologies, such as:

  • Balancing security and standard transaction requirements of HIPAA while simultaneously meeting increasing interoperability requirements focused on providing patients with greater access to and control over their health data (e.g., prohibitions related to information blocking);
  • Managing product liability risks related to defective hardware or software, or incorrect data input;
  • Implementing controls to ensure that certain processes, such as automated prior authorization systems, do not present fraud and abuse risks, particularly given increased scrutiny of electronic health record systems.

Comments on the proposed rule are due by March 22, 2023.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Rujul Desai Rujul Desai

Rujul Desai advises clients on drug pricing, market access, reimbursement, strategic contracting, and regulatory solutions for drugs, biologicals, devices, and diagnostics. He brings deep experience with biopharma, specialty pharmacy, and pharmacy benefit management (PBM) companies.

Rujul has held a number of leadership roles…

Rujul Desai advises clients on drug pricing, market access, reimbursement, strategic contracting, and regulatory solutions for drugs, biologicals, devices, and diagnostics. He brings deep experience with biopharma, specialty pharmacy, and pharmacy benefit management (PBM) companies.

Rujul has held a number of leadership roles in the biopharma, PBM, and specialty pharmacy industry, including with CVS Caremark, UCB, and most recently as Vice President at Avalere Health. He has led engagements across a wide range of U.S. and global market access and reimbursement issues, including optimizing new product launches, pricing, PBM and payer formulary access, value-based contracting, distribution network design, patient access and hub services, affordability programs, e-prescribing, digital health, and the use of health economic data and modeling.

Photo of Stefanie Doebler Stefanie Doebler

Stefanie Doebler is co-chair of the firm’s Health Care Practice Group, and a member of the Food, Drug, and Device Practice Group. Her practice focuses on health care compliance matters for pharmaceutical, biotech, and medical device clients. She provides advice related to advertising…

Stefanie Doebler is co-chair of the firm’s Health Care Practice Group, and a member of the Food, Drug, and Device Practice Group. Her practice focuses on health care compliance matters for pharmaceutical, biotech, and medical device clients. She provides advice related to advertising and promotion, fraud and abuse, transparency requirements, state law compliance and reporting regulations, interactions with health care professionals, Medicaid price reporting, and other aspects of federal and state regulation of pharmaceuticals, biologics, and medical devices. Stefanie also advises on the development and implementation of health care compliance programs.

Photo of Anna D. Kraus Anna D. Kraus

Anna Durand Kraus has a multi-disciplinary practice advising clients on issues relating to the complex array of laws governing the health care industry. Her background as Deputy General Counsel to the U.S. Department of Health and Human Services (HHS) gives her broad experience…

Anna Durand Kraus has a multi-disciplinary practice advising clients on issues relating to the complex array of laws governing the health care industry. Her background as Deputy General Counsel to the U.S. Department of Health and Human Services (HHS) gives her broad experience with, and valuable insight into, the programs and issues within the purview of HHS, including Medicare, Medicaid, fraud and abuse, and health information privacy. Ms. Kraus regularly advises clients on Medicare reimbursement matters, the Medicaid Drug Rebate program, health information privacy issues (including under HIPAA and the HITECH Act), and the challenges and opportunities presented by the Affordable Care Act.

Elizabeth Brim

Elizabeth Brim is an associate in the firm’s Washington, DC office. She is a member of the firm’s Health Care and Data Privacy and Cybersecurity Practice Groups, advising clients on a broad range of regulatory and compliance issues. In addition, Elizabeth maintains an…

Elizabeth Brim is an associate in the firm’s Washington, DC office. She is a member of the firm’s Health Care and Data Privacy and Cybersecurity Practice Groups, advising clients on a broad range of regulatory and compliance issues. In addition, Elizabeth maintains an active pro bono practice.