The omnibus appropriations and tax extenders package released last night contain many healthcare provisions.

The tax extenders package provides for a two-year moratorium for the medical device tax for 2016 and 2017.

The omnibus appropriations legislation contains a variety of health-related provisions. These provisions include rescinding funding for the Independent Payment Advisory Board (IPAB), deficit-neutral language related to risk corridor payments and cybersecurity.

Tax-Related Issues

Excise Tax on High-Cost Employer-Sponsored Coverage: The legislation delays the excise tax on high-cost employer-sponsored coverage for two years. In addition, the legislation requires a study of the premium cost of the Blue Cross/Blue Shield standard benefit option under the Federal Employees Health Benefits Plan as a benchmark for the age and gender adjustment of the applicable dollar limit with respect to the excise tax on high-cost employer-sponsored health coverage. In addition, the study should make recommendations regarding any more suitable benchmarks for age and gender adjustments.

Health Insurance Tax: The legislation provides for a one-year moratorium of the Health Insurance Tax.

Risk Corridor Payments: The appropriations bill, for the second year in a row, requires budget neutrality for the risk corridor payments to insurers. Although insurers will save because of the one-year moratorium of the Health Insurance Tax, it is not likely to be the equivalent of the funds insurers will not receive from the risk corridor program.

Medicare and Medicaid

Independent Payment Advisory Board: Funding was rescinded. This board was created by the Affordable Care Act and never funded or staffed.

Medicare Improvement Fund: The amount provided to the Medicare Improvement Fund is reduced. This fund was established in the IMPACT Act of 2014 and was to provide funds to make improvements in the original Medicare fee-for-service program under Parts A and B. This fund has been used as offset before. Most recently, its funding was reduced to pay for the physician payment reform.

Imaging Issues − Medicare Payment Incentive for the Transition from Traditional X-Ray Imaging to Digital Radiography and Other Medicare Imaging Payment Provisions:

  1. Limitation on payment for film X-ray imaging services. In the case of an imaging service that is an X-ray taken using film during 2017 or later, the technical component payment will be reduced by 20 percent.
  2. Phased-in limitation for computed radiography imaging services. In the case of imaging services, an X-ray taken using computed radiography technology, the technical component payment will be reduced by 7 percent for the years 2018 through 2022. For 2023 or after, the payment for the technical component will be reduced by 10 percent.
  3. Computed radiography technology is defined as a cassette-based imaging that utilizes an imaging plate to create the image involved.
  4. The Secretary may adopt a mechanism including modifiers to implement this provision.
  5. Reduced expenditures attributable to incentives to transition to digital radiography will take effect beginning with the 2017 fee schedule.
  6. Reduction of discount in payment for the professional component of multiple imaging services. In the case of the professional component of imaging services furnished on or after 2017, instead of the 25 percent reduction for multiple procedures that was published as part of a regulation on November 29, 2011, the reduction will be 5 percent.
  7. Payment incentive for transition under hospital outpatient PPS from traditional X-ray imaging to digital radiography. In the case of an imaging service that is an X-ray provided during 2017 or after, the payment for the service shall be reduced 20 percent. For 2018-2022, the reduction will be 7 percent, and for 2023 or after, the reduction is 10 percent.

Limiting Federal Medicaid Reimbursement to States for Durable Medical Equipment to Medicare Payment Rates: This provision was in the 21st Century Cures legislation to pay for the spending portions of that bill. Since that bill has not yet been enacted, it is being used to pay for portions of the tax extenders. The provision in essence requires states to pay for durable medical equipment using Medicare rates. Nothing in the provision would prohibit a state Medicaid program from providing medical assistance for DME for which payment is denied or not available under Medicare. The provision requires that there be an evaluation of the impact of applying Medicare payment rates to DME under the Medicaid program, but there is no timeline for the evaluation.

Treatment of Disposable Devices: The Secretary shall make a payment for a disposable device to a home health agency in an amount equal to the payment that would have been made for covered outpatient department services for the Level 1 HCPCS code for which the description for the professional service including the furnishing of such device is included.

"Disposable device" is defined as a disposable, negative-pressure wound-therapy device that is an integrated system comprised of a non-manual vacuum pump, a receptacle for collecting exudate, and dressings for the purposes of wound therapy, and a substitute for a negative-pressure wound-therapy DME item that is an integrated system of a negative-pressure vacuum pump, a separate collection canister and dressings that would be covered for individuals for wound therapy.

A GAO study and report is required to address the types of disposable devices that could potentially qualify as substitutes; the views and information from manufactures, providers and suppliers on the incentives and disincentives under current Medicare coverage and payment policies; implications of expanding Medicare coverage to include additional disposable devices that are substitutes for DME and payment methodologies. The report is due 18 months after the enactment.

A second GAO study is required to look at the impact on utilization, the type of Medicare beneficiaries under the home health benefit who use the disposable devices compared to the substitute DME, and payment rates of other payers including Medicaid. The second report is due in four years.

Cybersecurity in the Healthcare Industry

Within a title dealing with cybersecurity issues, including within the federal government, section 405 requires the Department of Health and Human Services to provide the Senate HELP Committee and the House Energy and Commerce Committee with a report within one year. That report is to provide a clear statement concerning who is responsible for leading and coordinating efforts at HHS regarding cybersecurity threats in the healthcare industry and provide a plan from each relevant operating division and subdivision. The legislation also creates a healthcare industry cybersecurity task force that shall include healthcare industry stakeholders as well as cybersecurity experts, and any federal agencies or entities the Secretary determines appropriate to:

  1. analyze how industries other than healthcare have implemented strategies and safeguards for addressing cybersecurity threats;
  2. analyze challenges and barriers private entities in the healthcare sector face in securing themselves against cyberattacks;
  3. review challenges that covered entities and business associates face in security networked medical devices and other software or systems that connect to an electronic health record;
  4. provide the secretary with information to disseminate to healthcare industry stakeholders of all sizes for purposes of improving their preparedness for and response to cybersecurity threats;
  5. establish a plan for implementing so the federal government and healthcare industry stakeholders may in real time share actionable cyber threat indicators and defensive measures; and
  6. report findings and recommendations to the appropriate congressional committees.

The task force is terminated one year after the date on which it is established.

In addition, the Secretary shall establish a common set of voluntary consensus-based and industry-led guidelines, best practices and methodologies that:

  1. serve as a resource for cost-effectively reducing cybersecurity risks for a range of healthcare organizations;
  2. support voluntary adoption and implementation efforts to improve safeguards to address threats; and
  3. are consistent with the standards and guidelines developed by the National Institute of Standards and Technology Act, the regulations promulgated under section 264(c) of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the provisions of the Health Information Technology for Economic and Clinical Health Act.