Welcome to this week's edition of the Health Law Update. In This Issue:

  • A Tale of Two Escobars: Federal Courts Begin Grappling with Opposing Views of “Materiality”
  • Ambulance and Home Health Moratorium Continued and Expanded
  • Assault of Home Health Worker by a Patient’s Father Prompts OSHA Violation
  • A Closer Look at the OCR’s Guidance on Ransomware
  • OCR to Increase Efforts to Investigate Breaches Affecting Fewer Than 500 Individuals
  • Events Calendar

A Tale of Two Escobars: Federal Courts Begin Grappling with Opposing Views of “Materiality”

On June 16, 2016, the U.S. Supreme Court issued a highly anticipated opinion in Universal Health Services, Inc. v. U.S. ex rel. Escobar, which for the first time expressly recognized implied certification as a viable theory under the federal False Claims Act (FCA). Implied certification is a theory that has been widely criticized by government contractors because of the broad and open-ended liability it potentially creates. The opinion has been the subject of much discussion because, among other things, it set forth a new “materiality” standard under the FCA. Although the more “demanding” standard was intended to restrict the reach of implied certification by limiting the type of regulatory restrictions that could be actionable, we warned in June that it could ultimately lead to more involved litigation because it relies on a subjective and fact-intensive inquiry.

In the months following Escobar, the anticipated divide between defendants and the government has been coming to fruition in at least one form as parties begin contesting whether the new standard limits claims under the FCA to scenarios where the government would have denied payment had it known of the alleged regulatory violation. The divide largely arises from the opinion’s language stating that “if the government pays a particular claim in full despite its actual knowledge that certain requirements were violated, that is very strong evidence that those requirements are not material.”

Defendants have capitalized on this language, and in doing so, make the seemingly sensible argument that the government cannot genuinely consider a regulatory requirement to be material when it knew of a potential violation and continued paying on the claims without objection. Defendants contend the argument is consistent with the Court’s view that materiality should be assessed on the government’s actual and expected conduct, and in cases across the country, defendants are beginning to echo this view.

For example, AstraZeneca recently argued in the Eastern District of New York that the “Relator cites to dozens of publicly-available clinical studies and articles … But these very studies and articles were equally available to the government, which nevertheless continued to reimburse claims for Seroquel.” The relator “cannot plausibly allege that any purported misrepresentations were material to the government’s payment decision” when it continued to reimburse claims for Seroquel despite having the “studies and articles” available to it.

Although having declined to intervene in the case, the U.S. Department of Justice (DOJ) did address AstraZeneca’s position, contending that it misconstrued the materiality requirement in two respects. First, the DOJ argued that AstraZeneca failed to account for the “objective” version (reasonable person) of the “materiality” test:

AstraZeneca’s chosen materiality standard – that the Government ‘would’ refuse payment – would adopt an outcome-dependent materiality standard that is stricter than the … common law objective and subjective standards, and is therefore not supported by the Escobar decision.

The DOJ also noted that, although a factor, “the Government’s decisions when acting with knowledge of the claim’s falsity … [are not] dispositive of materiality”; rather, it was only “relevant to materiality.”

Second, the DOJ took issue with AstraZeneca’s attempt to expand the Court’s “actual knowledge” language into a “constructive knowledge” test, in reference to the “equally available clinical studies and articles.”

In its response, AstraZeneca contended the DOJ “ignore[d] the bulk of the Court’s discussion on materiality – in particular, the Court’s conclusion that it is insufficient for a finding of materiality that the government has the ‘option to decline to pay if it knew of the defendant’s non-compliance.’” The district court has yet to decide on AstraZeneca’s pending motion to dismiss the relator’s ninth amended complaint.

In another case pending before the Fifth Circuit, Trinity Industries, Inc. recently argued in a reply brief that:

[t]his case is even easier. Here, the government has not only continued to pay for the ET-Plus – it has repeatedly reaffirmed that the ET-Plus is, and always has been, fully eligible for federal reimbursement … That should be the end of this case.

Whether the Fifth Circuit will end the case is still undecided.

Following the opinion in Escobar, it was clear that the “materiality” standard would be heavily litigated, as the Court’s language was parsed and construed by parties and courts alike. Where courts ultimately land on these initial “materiality” issues will assuredly vary across the country as the opinion is further applied. Although the full import of Escobar likely will not be known for years, what is known is that before all is said and done, the Supreme Court will undoubtedly be called upon to answer many lingering questions from its June 16 opinion.

Ambulance and Home Health Moratorium Continued and Expanded

The Centers for Medicare and Medicaid Services (CMS) recently announced an extension of its temporary moratorium on enrolling new nonemergency ambulance suppliers in New Jersey, Pennsylvania and Texas and new home health agencies in Florida, Illinois, Michigan and Texas for an additional six months. The agency also announced that the moratorium, which previously applied to specific metropolitan counties, will be expanded to all counties in the applicable states. The expansion is intended to prevent providers from enrolling in one county and providing services to beneficiaries in other counties. The moratorium affects new enrollments in Medicare Part B, Medicaid and the Children’s Health Insurance Program. Each temporary enrollment moratorium remains in effect for six months prior to reevaluation. The current moratorium has been effective for three years.

CMS also ended a temporary moratorium on enrolling new emergency ambulance services. However, providers should be aware that when a moratorium is lifted, the affected provider or supplier types will be subject to the agency’s high-screening level for a period of six months from the date the moratorium was lifted. New emergency ambulance suppliers that also furnish non-emergency services will be able to bill for only the emergency transport services.

In a separate notice, CMS announced the implementation of the Provider Enrollment Moratoria Access Waiver Demonstration (PEWD) which authorizes the agency to make exceptions to the state-wide enrollment moratoria in response to access-to-care issues. Enrollees with an approved PEWD application will be able to bill for services only in the designated geographic areas.

Assault of Home Health Worker by a Patient’s Father Prompts OSHA Violation

A provider of pediatric home health, Epic Health Services, was recently fined $98,000 by the Occupational Safety and Health Administration (OSHA) in connection with the sexual assault of a home health employee by a patient’s father. Allegations include that the father had regularly attempted to grope the employee and made inappropriate comments about her buttocks and breasts. The assaulted employee is suing Epic for negligence and punitive damages as a result of the incident. Allegations include that Epic, which reportedly lacked a system for reporting threats or incidents of violence in the workplace, was aware of two previous assaults on employees by the patient’s father but failed to notify the assaulted employee of the incidents.

As a result of its investigation into the assault, OSHA found that Epic had a history of failing to act on reports by company employees of verbal, physical and sexual assaults in the workplace, including a situation where an employee was forced to work in a home environment with domestic violence. OSHA cited the company for willfully failing to “protect its employees from life-threatening hazards of workplace violence,” failing to “provide an effective workplace violence prevention program” and “failing to record injuries properly on OSHA forms.” OSHA also enumerated a number of abatement techniques that Epic and others can implement to address violence in the workplace, including:

  • A written, comprehensive workplace violence prevention program.
  • Workplace violence hazard assessment and security procedures for each new client.
  • Procedures to control workplace violence such as a worker's right to refuse to provide services in a clearly hazardous situation without fear of retaliation.
  • A workplace violence training program.
  • Procedures to be taken in the event of a violent incident in the workplace, including incident reports and investigations.
  • A system for employees to report all instances of workplace violence, regardless of severity.

This OSHA action highlights the need for providers to implement processes for addressing violence in the workplace, including responding to employee complaints of violence by patients and family members.

A Closer Look at the OCR’s Guidance on Ransomware

In the wake of several high-profile ransomware infections targeting hospitals and healthcare organizations, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued guidance on the growing threat of ransomware. Given the publicity and the potential for harm, it should come as no surprise that the OCR has issued guidance in this area. As the regulatory agency that enforces HIPAA, when the OCR speaks, healthcare organizations should take heed. Read more >>

OCR to Increase Efforts to Investigate Breaches Affecting Fewer Than 500 Individuals

Data breaches have been occurring with disturbingly high frequency in the healthcare industry. If a covered entity experiences a data breach involving more than 500 affected individuals, a regulatory investigation by the OCR is virtually guaranteed. While the OCR has always had the authority to investigate smaller breaches, it has traditionally done so only when it had resources to spare. This new initiative announced by the OCR represents a concerted effort to investigate the root causes of breaches affecting fewer than 500 individuals. Read more >>