In its recent notice of proposed rulemaking setting policy for Medicare Advantage (MA) and the Prescription Drug Program (PDP) for calendar year 2020, CMS announced that it would establish extrapolation as a method to be used in risk adjustment validation (RADV) audits, and further, that it would not make any adjustments to account for errors in Medicare fee for service data in determining recovery amounts.

CMS uses a risk adjustment process to modify MA plan payments to better reflect the relative risk of each plan’s enrollees. Payments to each MA plan are adjusted based on risk scores that reflect enrollees’ health status (categorized into Hierarchical Condition Categories (HCCs)) and demographic characteristics derived from member claims data. To counteract incentives that a plan might have to over-report enrollee diagnoses, CMS emphasizes that all diagnoses submitted to enhance risk must be documented in a medical record, and uses RADV audits to ensure that medical record documentation exists, and thus, that payments to MAOs accurately reflect the level of risk assumed. Continue Reading CMS Announces and Solicits Comments on Expanded RADV Audit Methodology

This blog post has been prepared in collaboration with Nemours. Ms. Boyer is a Manager of Nemours Children’s HospitalMaya Upplauru is an associate in Crowell & Moring’s Health Care Group in Washington, D.C.

This Bulletin is brought to you by AHLA’s Children’s Health Affinity Group, which is part of the Academic Medical Centers and Teaching Hospitals and In-House Counsel Practice Groups.

One of the most fear-inducing experiences for new and first-time parents is the middle of the night illness of a young child. Many may head directly to the emergency department (ED) because they lack any means to communicate with their health care provider after-hours. Parents of children with chronic conditions or rare diseases are often forced to travel long distances to see specialists at regional centers of excellence and may struggle to check in or get questions answered once they are back at home. Teenagers managing chronic conditions may prematurely discontinue their treatment plan when they transition to college in a different state or when they enter the working world after college.

Today’s tech savvy parents are comfortable with digital health care solutions that are available 24 hours per day on their mobile phones, as they provide experiences that are similar to virtually any other products or services outside of health care. Yet too often today, their experience with the health care industry does not meet their expectations for digital access, efficiency and convenience.

Virtual care services, such as telehealth and remote patient monitoring, are increasingly being used to create a better experience and deliver convenient, effective care for parents and caregivers of young children. More specifically, telehealth can provide an access point to health care for children and families at times when they cannot reach their primary care provider, are unable to travel, or do not need an in-person visit and can avoid exposure to additional contagions at the ED or doctor’s office.

In low acuity, high distress cases such as a high fever, ear pain, respiratory illness and vomiting, telehealth providers can provide direct care or advise the family whether an ED or primary care visit is warranted. This kind of support is not only reassuring for young families, but can help reduce pressure on EDs so they can prioritize the sickest patients, educate families about which level of care is most appropriate for future health needs, and reduce unnecessary costs to the families and to the health care system.

Telehealth can also help to ensure continuity of care for families who may move or seek specialty care across state lines and want to keep in touch with their provider, particularly for children with complex or chronic diseases or adolescents who attend college out of state.


Telehealth technology has the potential to improve outcomes and patient experience, while improving cost through more appropriate utilization of health care services. Pediatrics is particularly ripe for disruption by digital health technologies, including telehealth, virtual care, and remote patient monitoring solutions, because of the widespread adoption of technology by children and their parents as well as the generally low acuity of most common childhood illnesses. Yet there are still significant regulatory barriers that stand in the way of ubiquitous access to telehealth and related services, especially across state lines. Below, we have outlined several of these issues, focusing on the Medicaid and Children’s Health Insurance Programs (CHIP) populations.

  • Inconsistent State Definitions: The definition of “telehealth” (or “telemedicine”) varies widely across states and remains completely undefined in certain states. Some states include additional modalities, such as “store and forward” (e.g. the patient takes a picture and sends it to the provider) as well as remote patient monitoring, as part of their telehealth definition, while others exclude them. All of these variations make it more difficult for telehealth services to be provided across state lines.
  • State Licensure: Each state has a different set of licensure requirements for health care providers which can make it difficult for providers in different states to deliver care or conduct consultations with patients who may have difficulty traveling. Providers must be licensed in each state where their patients are located, which may lead to multiple fees, rules and administrative processes for them to meet the needs of their patients. The Interstate Medical Licensure Compact (IMLC) is aimed at streamlining this process, but not every state has signed on and, even in those states that participate, obtaining a license can still be costly and burdensome. Some states have enacted telehealth-specific licensure programs – such as New Mexico – which may address some of these challenges.
  • Scope of Practice: Certain states have laws limiting the scope of practice that impact telehealth. For example, some states have prohibitions on the corporate practice of medicine, which create barriers to different types of entities providing telehealth services. Further, some states limit or restrict which types of providers are eligible to receive payment for telehealth services.
  • Coverage Parity: Many states do not require insurance coverage of telehealth services, and some payers, including Medicaid Managed Care Organizations (MCOs), limit coverage to in-network providers only. The resulting confusion about which services are covered– in-person versus via telehealth– can place administrative and financial burdens on patients and families, especially when they receive unexpected bills for services they believed to be covered. Additionally, there is often confusion among providers and payers, resulting in payer denials of coverage or reimbursement.
  • Reimbursement Parity: Some states do not require reimbursement parity between in-person and virtual services of the same kind. If a provider will be reimbursed less for providing the same service virtually, this provides a disincentive to provider adoption and therefore further limits access to virtual care. Again, in some cases, certain provider types are completely excluded from reimbursement.
  • Billing and Coding: There is a lack of uniformity for telehealth billing codes and coding guidelines across states, which leads to incorrect billing and confusion among providers and patients. In some cases, different payers require certain modifiers and place of service codes, making it hard for providers to track and navigate a wide variety of requirements and remedy claims issues. These challenges are exacerbated when a provider works across state lines, as the number of payers and their respective requirements multiply.
  • Broadband Access: Across rural and urban settings, connectivity can be challenging for underserved populations. Rural families may lack broadband access, and urban families may rely solely on mobile connectivity. The Federal Communications Commission (FCC) offers programs to subsidize the cost of broadband, but these programs generally apply to connectivity for providers, not for patients, therefore addressing only part of the problem.


The federal government has made a few encouraging strides that could help to address some of these challenges. These initiatives include:

  • FCC Connected Care Pilot: The FCC has issued a Notice of Inquiry regarding telehealth for low-income consumers. While the comment period is closed, the pilot is a signal that the FCC is interested in creative solutions to solve the connectivity problems described above, within the agency’s statutory limitations.
  • CMS Integrated Care for Kids Model: Building from a Request for Information on pediatric health earlier this year, CMS has announced eight cooperative agreements for up to $16 million each in funding for innovative state Medicaid models addressing behavioral and physical health needs arising from the nation’s opioid crisis. Telehealth and digital health services bring significant value in addressing the health concerns of children; however, more must be done to address challenges relating to providing care across state lines.
  • Modernization of Reimbursement Policy for Digital Health: Changes to Medicare payment policy for telehealth could have a positive downstream impact on Medicaid and other pediatric payers. In the proposed 2019 Physician Fee Schedule Rule, CMS proposed several new remote patient monitoring and virtual check-in codes. Further, the Creating High-Quality Results and Outcomes Necessary to Improve Chronic (CHRONIC) Care Act, passed this year as part of a larger budget deal, aimed at expanding telehealth services for certain chronic condition populations.

In addition to these initiatives, the federal government could make continued progress in the following ways:

Building on Existing Efforts to Increase Evidence

  • Funding Additional Research: More data is needed on the impact of virtual care and other consumer digital health technologies on access, satisfaction, quality, cost and outcomes for children and families. Areas ripe for research and potential future cost-savings include: avoidable ED visits and readmissions, behavioral health services, chronic disease management, and children with medical complexity. Particular attention should be paid to the unique needs of children and pediatric use cases, and how those needs differ from the adult population.
  • Resources for Best Practices: Further investment is needed to identify and disseminate best practices for telehealth and other virtual care services to state Medicaid and CHIP programs. This includes identification of any unique barriers for the pediatric population and ways to address them, and compiling emerging practices, their impact and lessons learned from existing initiatives implementing telehealth services across all federal agencies including the Health Resources and Services Administration (HRSA), the U.S. Department of Defense (DoD), and the U.S. Department of Veterans Administration (VA), to share and encourage alignment across federal programs. This data could also be shared with state Medicaid and CHIP programs.

Leverage Current Policies and Federal Initiatives

  • New Demonstration Project Focusing on the Multi-State Challenge: CMS could launch a regional, multi-state demonstration pilot to test a set of aligned Medicaid policies impacting digital health access and payment focused on Medicaid and CHIP, especially when care is provided across state lines.
  • Integrate Telehealth as a Priority Focus in Existing Models: Exploring and/or promoting the use of telehealth and other virtual health services in existing Center for Medicare and Medicaid Innovation initiatives, like Accountable Communities for Health, where digital health technologies may be foundational to linking clinical care with essential community social services for children and supporting care for children in a range of settings, including school based clinics.

Finally, CMS could provide technical assistance and resources, such as model telehealth service agreements, to support states and providers in managed care contract negotiation as well as service contracts that abide by fraud and abuse regulations to expand coverage and access to consumer digital health technologies for children and families. Two precedent examples of these model contract provisions are (1) the model Business Associate Agreement published by the HHS Office for Civil Rights to aid covered entities entering into agreements with business associates under HIPAA, and (2) the EHR Contracts Untangled resource published by the Office of the National Coordinator for Health IT (ONC) to assist providers in contract negotiation with electronic health record vendors.


Technology offers the opportunity to improve the way health care is delivered and received, and is likely to continue shaping the health care market well into the future. Patients and families are increasingly demanding more convenient health care services, including virtual access to care, despite the many regulatory barriers impeding the seamless flow of care within and across state lines. Opportunities to improve the regulatory landscape abound, and realizing these opportunities could result in increased access, reduced cost for certain populations, and overall improved outcomes. However, such a future requires close partnership between providers, state governments and the federal government to jointly chart a path toward seamlessly connected care.

In the most recent technical changes made to Part C and Part D plans for 2019, CMS codified the star ratings methodology in regulations. Now, CMS is proposing changes to these regulations, such as new definitions to clarify the meaning of terminology used in describing the star ratings methodology. In addition, CMS is proposing several changes to improve program quality and accessibility of the Medicare Advantage (MA) and Part D Prescription Drug Program (PDP) Plan Quality Rating for measures other than Consumer Assessment of Healthcare Providers and Systems (CAHPS).

Continue Reading MA/PDP Star Ratings: Proposed Technical Changes for 2020

On November 1, 2018, the Centers for Medicare & Medicaid Services (“CMS”) filed the pre-publication version of the CY 2019 Physician Fee Schedule Final Rule (“2019 PFS Final Rule”). Within this massive publication, CMS finalized two regulatory changes affecting the exceptions at 42 CFR § 411.357 to the Physician Self-Referral Law (also known as the “Stark Law”) for compensation arrangements. The 2019 PFS Final Rule reconciles the regulations with the statutory changes made to the Stark Law enacted by the Bipartisan Budget Act of 2018 (“2018 BBA”) with respect to (1) how arrangements may fulfill the “writing” requirement under the compensation exception and (2) how arrangements that initially proceed without a signed agreement may still meet the signature requirement of an applicable exception. Parties to financial arrangements in effect on or after February 9, 2018 that implicate the Stark Law may rely upon these new modifications.

The Stark Law generally prohibits a physician from making a referral of designated health services (“DHS”) to an entity with which he or she (or an immediate family member) has a financial relationship. Section 411.357 details several excepted compensation arrangements carved out from the “financial relationship” definition for the purposes of the Stark Law. These exceptions include arrangements for the rental of office space and equipment, bona fide employment relationships, group practice arrangements with hospitals, certain fair-market-value compensation arrangements, among others. Continue Reading 2019 Physician Fee Schedule Rule Modifies Stark Regulations to Reflect Statutory Changes

CMS has finalized the adoption of multiple CPT codes in the CY 2019 PFS that create more opportunities for providers and digital health companies to collaborate on chronic care management business models in the fee-for-service market.

Virtual Check-Ins

CMS finalized the creation of a new code to reimburse providers for brief “check-in” services conducted using communications technology by creating HCPCS code G2012, defined as “[b]rief communication technology-based service, e.g. virtual check-in.” Continue Reading Digital Health Updates in the 2019 Physician Fee Schedule (PFS) Rule

Yesterday, the FDA released draft guidance on the management of cybersecurity in medical devices submitted to the agency for premarket review. Noting that cybersecurity threats to the healthcare sector have increased in number and severity, the FDA offered new recommendations for device design, labeling, and documentation that medical device manufacturers will need to consider during premarket submission processes.

The guidance comes shortly after the FDA’s launch of its Medical Device Cybersecurity Playbook, which provides a framework for healthcare delivery organizations to use in preparing for and responding to cybersecurity threats against patient medical devices.

Given rapid changes in technology and increasing innovation in the digital health market, the guidance intends to decrease the risk of cyberattacks that could render medical devices inoperable and potentially harm patients. Comments on the draft guidance are due on March 18, 2019. Continue Reading FDA Issues New Guidance for the Management of Cybersecurity in Medical Devices

On October 15, 2018, the Centers for Medicare & Medicare Services (“CMS”) in the Department for Health and Human Services proposed a rule to require prescription drug manufacturers to post the Wholesale Acquisition Cost (“WAC”) for drugs and biological products covered by Medicare or Medicaid in direct-to-consumer television advertisements. The WAC reflects the manufacturer’s list price for a drug to direct purchasers, not inclusive of any discounts or rebates. CMS is proposing this rule in the context of broadcast advertisements, an area in which the Supreme Court has recognized that the government may take special steps to help ensure that viewers receive appropriate information.[1]

CMS stated that 47 percent of Americans have high-deductible health plans and that many patients may pay the list price of the drug until they meet their deductible. The proposed rule aims to provide greater transparency into the prices charged by prescription drug manufacturers. The theory is that markets operate more efficiently with greater transparency, and that increased exposure of the list price will also provide a moderating force to discourage price increases. While wholesale prices do not equate to the patient’s out-of-pocket obligation, CMS asserts that benefit designs are impacted by WACs, and patients in high-deductible plans may pay the full list price until meeting their deductible – thus, the WAC may still be relevant to many patient and impact their decisions and market dynamics. The price required to be posted would be for a typical course of treatment for an acute medication like an antibiotic, or a thirty day supply of medication for a chronic condition that is taken every month. The posting would take the form of a legible textual statement at the end of the ad and would not apply where the list price for a thirty day supply or typical course of treatment of a prescription drug was less than $35.

Overall, the agency has taken action designed to promote transparency in healthcare this year. In the drug pricing arena, CMS released a redesigned version of the Drug Spending Dashboards which identifies manufacturers that have increased their prices, along with year-over-year information on drug prices. Outside of the drug pricing space, CMS recently launched the eMedicare initiative to allow customers to find and compare Medicare coverage options and quickly see estimates on what the coverage would cost, among other features. CMS has also included requests for information on cost transparency and expanded patient access to data in recent payment rules, and is expected to propose more new policies in an upcoming regulation currently under OMB review.

CMS’s proposal is part of an ongoing effort by the Trump administration to bring down prescription drug prices and out-of-pocket costs, as signaled by the release in May of American Patients First, the administration’s drug pricing blueprint. This is also the latest in a series of steps focused on increasing data access and price transparency in healthcare. Although Congress was not successful in its attempt to address direct-to-consumer advertising this summer through a provision that would have allocated $1 million to the Food and Drug Administration to implement regulations requiring drug companies to list their prices in TV ads, Congress passed and the President signed into law legislation to improve transparency and lower health care costs for patients across the country. This law effectively paves the way for pharmacists to advise their patients on the cost of various medications and different payment methods, free from restrictions imposed by take-it-or-leave-it contracts with insurers.

In the present proposal CMS seeks public feedback on a variety of questions, including:

  • How providing consumers with the list price of a medication may influence interactions with prescribers, the selection of drug products, and the perceived efficacy of the prescribed drug.
  • How benefit design influences these choices.
  • Whether compliance with rule should be a condition of payment by a federal health care program.
  • Whether WAC is the amount that best reflects the “list price” for the stated purposes of price transparency and comparison shopping
  • Whether 30-day supply and typical course of treatment are appropriate metrics for a consumer to gauge the cost of the drug.
  • How to treat an advertised drug that must be used in combination with another non-advertised drug or device.
  • Whether the cost threshold of $35 to be exempt from compliance with this rule is the appropriate level and metric for such an exemption.
  • Whether rule should be extended to advertisements in other media forms, including radio, magazines, websites, etc.

This rulemaking presents a major opportunity for pharmaceutical companies, insurers, and patients alike to make their voices heard in an area that is critically important. Electronic comments can be submitted until December 17, 2018. For further assistance, please contact Jodi Daniel (, Barbara Ryland (, and Maya Uppaluru (

[1] See Red Lion Broad. Co. v. FCC, 395 U.S. 367, 390, 394 (1969) (“It is the right of the viewers and listeners, not the right of the broadcasters, which is paramount.”)

On October 3rd, the United States Senate passed a bipartisan opioids package with a sweeping vote of 98 to 1, after the U.S. House of Representatives passed the final version of the bill with a vote of 393 to 8. One of its components, the “Fighting the Opioid Epidemic with Sunshine Act,” expands the scope of reporting requirements under the Physician Payment Sunshine Act (known as the “Sunshine Act”), which will have immense implications for the pharmaceutical and medical device and supply industries.

Enacted at section 6002 of the Affordable Care Act in 2010 to increase transparency around the financial relationships between health care providers and drug manufacturers, the Sunshine Act requires “applicable group purchasing organizations” and “applicable manufacturers,” including pharmaceutical and medical device or supply companies with operations in the United States, to track and report payments and transfers of value that they make to “covered recipients,” currently defined to include physicians and teaching hospitals. These transfers of value include items such as consulting fees, honoraria for speaking events, and research grants.

The opioids legislation package expands the definition of “covered recipients” to include other types of health care professionals: physician assistants, nurse practitioners, clinical nurse specialists, registered nurse anesthetists, and certified nurse midwives. The new legislation additionally sunsets a prohibition in the Sunshine Act that prevents the inclusion of the National Provider Identifier on the CMS Open Payments website.

Given the Administration’s focus on the opioid crisis, identified as a “national emergency,” the expansion of the Sunshine Act reflects the reality that prescriptions of opioids and other drugs to individuals may come from health professionals who are not physicians. State “sunshine laws” that imposed reporting requirements on payments to these professionals have existed for a number of years, but the changes passed in the opioids package would make this standard the baseline for reporting covered payments nationwide. By the time these changes would be effective on January 1, 2022, applicable group purchasing organizations and manufacturers will need to update their Sunshine Act compliance and monitoring activities to account for the greatly enlarged scope of individual health care professionals to whom they may be providing direct or indirect transfers of value.

The expansion of the Sunshine Act’s covered recipient definition was introduced in the Senate version of the opioids package, and remained in the overall legislation despite vigorous opposition. To become law, the bill requires the signature of President Trump.

Federal agencies are signaling closer oversight of Medicaid managed care organizations (“MCOs”). On August 21, 2018, the U.S. Comptroller General Gene Dodaro and Centers for Medicare and Medicaid Services (“CMS”) Administrator Seema Verma testified to the Senate Homeland Security and Governmental Affairs Committee about combating Medicaid fraud and urged additional oversight of Medicaid MCOs and a larger restructuring of the Medicaid program. This testimony follows other steps taken by the Governmental Accountability Office (“GAO”) and CMS earlier this year to encourage increased scrutiny of Medicaid managed care programs.

GAO Reports Recommend Improved Oversight

           Over the past few months, GAO has released several reports focused on program integrity issues in Medicaid and urging increased oversight, including in the managed care context.

           In May, the GAO released the results of a study it conducted to determine whether the methodology used by CMS to calculate program integrity risks adequately measured the risks in the Medicaid managed care context. Using the Payment Error Rate Measurement (“PERM”) methodology, CMS had estimated that $37 billion in improper Medicaid payments were made in fiscal year 2017, equaling about 10.1 percent of the $364 billion in federal spending on Medicaid. For Medicaid managed care, which constitutes about half of total federal Medicaid expenditures, the improper payment rate determined under the PERM methodology was only 0.3 percent ($500 million in improper payments out of $171 billion in expenditures). In its study, the GAO found that the PERM methodology may not account for key program integrity risks such as unidentified overpayments and unallowable costs. GAO recommended that CMS take steps to mitigate program risks not measured in the PERM, consider revising the PERM methodology, or focus additional audit resources on managed care.

           In July, GAO released another report analyzing payment risks in Medicaid managed care, based on interviews with state program integrity stakeholders in ten states. The study identified six payment risks, four of which relate to the payments made by Medicaid agencies to MCOs and two of which relate to payments by MCOs to providers. The report identified two of the payment risks as being the most significant: (1) incorrect fee-for-service payments from managed care organizations to providers, and (2) inaccurate state payments to managed care organizations due to payments being determined on incorrect data. GAO recommended that CMS expedite planned guidance on Medicaid managed care program integrity, address impediments to managed care audits, and ensure that states account for overpayments when setting future capitation rates.

           The GAO has also released several other reports on Medicaid program integrity not specific to managed care. For instance, in June, GAO released a report highlighting the major program integrity risks for the Medicaid program generally. In August, GAO released reports assessing CMS’s oversight of state-reported Medicaid expenditures and recommending additional actions CMS could take to improve oversight of Medicaid.

CMS Increases Oversight

           CMS has taken steps to increase overall Medicaid program integrity oversight. On June 26, 2018, CMS announced several new initiatives and increased emphasis on existing initiatives intended to improve Medicaid program integrity and maintain sustainability of the program. In its press release on the initiatives, CMS noted that Medicaid spending has rapidly increased over recent years due to several factors, with specific mention of the Medicaid expansion. Three of the main initiatives aim to

  1. Emphasize program integrity in audits of state claims for federal match funds and medical loss ratios (MLRs).
  2. Conduct new audits of state beneficiary eligibility determinations.
  3. Optimize state-provided claims and provider data.

The initiatives enhance audit functions, oversight of state contracts with private payers, beneficiary eligibility oversight, and enforcement of state compliance.

Senate Testimony

           On August 21, 2018, Comptroller General Dodaro and Administrator Verma testified before the Senate Homeland Security and Governmental Affairs Committee on the topic of combatting Medicaid fraud. As committee members questioned Dodaro and Verma about oversight of Medicaid managed care programs, all parties appeared to support greater scrutiny.

           Notably, both Dodaro and Verma urged the senators to increase auditors’ review of managed care organizations. Administrator Verma specifically discussed a recent action by CMS to recoup an anticipated $9.5 billion in improper payments made by the State of California to managed care organization. Her written testimony echoed “concerns that managed care rates resulted in significant profits for insurance companies . . . .”

           Comptroller General Dodaro recommended that CMS utilize state auditors to reduce improper Medicaid payments and hold Medicaid programs accountable. He suggested that it would be a “game changer” to involve state auditors in a “substantive, ongoing way.” He noted that Medicaid is projected to cost the federal government and states nearly $1 trillion annually by 2025 and that the program accounts for one-third of many state budgets.

           Verma and Dodaro also directed particular criticism at the use of federal Medicaid funds on the Medicaid expansion population, as provided for under the Patient Protection and Affordable Care Act (the “ACA”). Dodaro criticized the Obama administration for not increasing oversight of Medicaid managed care plans upon the increased Medicaid enrollment caused by the expansion.

           In her testimony, Verma emphasized her support for structural changes to the Medicaid program, which she described as an “open-ended entitlement.” Administrator Verma attributed some of the government’s overspending to the high match rates that states receive for the Medicaid expansion population and urged for a new system that would make states accountable for outcomes. For example, she noted that the high match rate may have incentivized states to improperly keep pregnant women enrolled in the expansion population rather than appropriately transition them to traditional Medicaid when they become pregnant, as traditional Medicaid has a lower match rate.

           Overall, the committee members, Comptroller General Dodaro, and Administrator Verma all agreed that increased oversight is necessary under Medicaid managed care programs.


           Taken together, the reports, announcements, and testimony discussed here provide a clear signal from the Administration that Medicaid managed care is likely to become subject to increasing scrutiny. CMS and federal and state auditors have not yet taken significant concrete action, but MCOs may be well served to proactively evaluate and address program integrity risks related to their payments to providers and their premium rate payments from states.

CMS has issued its 2019 Physician Fee Schedule Proposed Rule, containing highly anticipated new reimbursement policies for telehealth, remote monitoring, and other uses of digital tools, as well as updates to health IT requirements in the Quality Payment Program, with a stronger focus on patient access to health information. Comments are due September 10 at 5pm.

Continue Reading New CMS Incentives for Remote Patient Monitoring and Patient Access