Photo of Jodi G. Daniel

Jodi Daniel is a partner in Crowell & Moring's Health Care Group and a member of the group’s Steering Committee. She is also a director at C&M International (CMI), an international policy and regulatory affairs consulting firm affiliated with Crowell & Moring. She leads the firm's Digital Health Practice and provides strategic, legal, and policy advice to all types of health care and technology clients navigating the dynamic regulatory environment related to technology in the health care sector to help them achieve their business goals. Jodi is a contributor to the Uniform Law Commission Telehealth Committee, which drafts and proposes uniform state laws related to telehealth services, including the definition of telehealth, formation of the doctor-patient relationship via telehealth, creation of a registry for out-of-state physicians, insurance coverage and payment parity, and administrative barriers to entity formation.

The Russia-Ukraine conflict is increasing the risk of ransomware attacks and other cyber threats for U.S. companies, and those in the health care industry may be targeted. In a recent analyst note from the Department of Health & Human Services (“HHS”), HHS describes the cyber capabilities of Russia, one of the world’s major cyberpowers, and analyzes two malware variants most likely to impact the U.S. health care and public health sector.
Continue Reading Increased Cyber Risk for Health Care Organizations Due to the Russia-Ukraine Conflict

On October 27, 2021, the U.S. Food and Drug Administration (FDA) in collaboration with Health Canada, and the UK’s Medicines and Healthcare products Regulatory Agency (MHRA), published Guiding Principles for the use of artificial intelligence and machine learning (AI/ML) in medical devices.   The principles are designed to support good machine learning practices (GMLP) and to help promote safe, effective, and high-quality medical devices that use AI/ML. The FDA is accepting public comment on these principles on an ongoing basis.

Continue Reading FDA Publishes Principles for AI and ML in Medical Devices

Today, CMS released its strategy for the CMS Innovation Center (the “Strategy”) in a White Paper, Innovation Center Strategy Refresh. This Strategy and the connection to broader CMS priorities was outlined by CMS Administrator Brooks-LaSure and CMS Innovation Center Director, Liz Fowler, in a webinar and is intended as a blueprint for the next 10 years.  While the Innovation Center’s overarching goal continues to be expansion of successful models that reduce program costs and improve quality and outcomes for Medicare and Medicaid beneficiaries, CMS highlights five strategic objectives: Drive Accountable Care, Advance Health Equity, Support Innovation, Address Affordability, and Partner to Achieve System Transformation and created a new vision: “A health system that achieves equitable outcomes through high-quality, affordable, and person-centered care.”

Continue Reading CMS Innovation Center Announces New Strategic Direction Under the Biden Administration

On May 14, 2021, CMS published FAQs addressing questions that have been raised regarding the Interoperability and Patient Access final rule published May 2020.  CMS is careful to note that the FAQs “do not have the force and effect of law and are not meant to bind the public in any way, unless specifically incorporated into a contract, as directed by a program.”  CMS has provided links and other guidance, including regarding technical standards, best practices, and privacy and security resources, and has directly addressed questions raised by trade associations and others.

We summarize some of the key points addressed in the FAQs.  We encourage you to review the full CMS response where questions arise in your implementation.
Continue Reading CMS Issues First FAQs on the CMS Interoperability and Patient Access Rule

Last week, the Office of the National Coordinator for Health Information Technology (ONC)  published an Interim Final Rule: Information Blocking and the ONC Health IT Certification Program: Extension of Compliance Dates and Timeframes in Response to the COVID-19 Public Health Emergency (Interim Final Rule) providing needed relief to entities working toward compliance.  In the 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program Final Rule (ONC Rule), issued on May 1, 2020, ONC defines the entities that are subject to the rule’s provisions. ONC refers to these entities as Actors. Actors include health care providers, health IT developers of certified health IT, Health Information Exchanges (HIEs), and Health Information Networks (HINs). The Interim Final Rule provides these Actors with “additional flexibilities” to implement the provisions of the ONC Rule including updated compliance dates.  ONC explained that the extension is due to the outbreak of COVID-19 public health emergency; however, this will also provide ONC with additional time to provide answers to the numerous questions that the agency has received as Actors work toward compliance. ONC is accepting comments on this rule, as is typical for an interim final rule. These comments must be submitted to regulations.gov by January 4, 2021.

The Interim Final Rule extends “the applicability date for the information blocking provisions and compliance dates and timeframes for certain Program requirements, including compliance dates for certain 2015 Edition health IT certification criteria and Conditions and Maintenance of Certification requirements.” See CMS and ONC Enforcement Deadlines Chart for more information about compliance dates for the ONC Rule.

Information Blocking

Continue Reading ONC Issues Interim Final Rule Extending Compliance Dates for the Information Blocking and the ONC Health IT Certification Program

On August 20, 2020 the Department of Health and Human Services (HHS) published a notice of proposed rulemaking (85 Fed. Reg. 51397) on good practices for the release and maintenance of agency guidance documents. Comments must be posted by 11:59 pm on September 16, 2020.

As instructed in the October 9, 2019 Executive Order 13891 (EO), titled ‘‘Promoting the Rule of Law Through Improved Agency Guidance Documents (84 FR 55235 (Oct. 15, 2019)), HHS proposes to issue regulations to ensure (i) there is proper notice of any new guidance, and (ii) that the guidance does not impose obligations on regulated parties that are not already reflected in duly enacted statutes or regulations.

This proposed rule appears to follow the Office of Management and Budget, “Final Bulletin for Agency Good Guidance Practices,” issued on January 25, 2007 (72 Fed. Reg. 3432) with respect to the significant guidance document that may, for example “adversely affect in a material way the economy, a sector of the economy, productivity, competition, jobs, the environment, public health or safety, or State, local, or tribal governments or communities” or “materially alter the budgetary impact of entitlements, grants, user fees, or loan programs or the rights and obligations of recipients thereof” and generally requires a 30 day notice and comment period.

Background

Continue Reading HHS Proposes a New Rule to Govern Release and Maintenance of Agency’s Guidance Documents

On April 30, 2020, the Centers for Medicare and Medicaid Services (CMS) announced a second round of regulatory waivers and rule changes in an interim final rule with comment (IFC) that added significant flexibilities for the coverage of telehealth services furnished by a broader set of eligible clinicians and in nontraditional health settings during the

Payers, Providers, and Patients – Oh My! Is Crowell & Moring’s health care podcast, discussing legal and regulatory issues that affect health care entities’ in-house counsel, executives, and investors. In this episode, hosts Payal Nanavati and Joe Records sit down with Jodi Daniel and Ambassador Robert Holleyman to discuss how regulators—across the U.S. and the

Payers, Providers, and Patients – Oh My! Is Crowell & Moring’s biweekly health care podcast, discussing legal and regulatory issues that affect health care entities’ in-house counsel, executives, and investors. In this episode, hosts Payal Nanavati and Joe Records discuss recent FDA guidance related to digital health with Jodi Daniel and Shaina Vinayek. For

In September 2019, the Food & Drug Administration (FDA) issued a new draft “Clinical Decision Support Software” guidance for public comments, which are due December 26, 2019. Concurrently, the agency published updates to four related guidance documents centered on regulation of digital health software products along with a consolidated summary titled “Changes to Existing Medical Software Policies Resulting from Section 3060 of the 21st Century Cures Act,[1] but is not soliciting comment on those. All of these guidance documents now account for the exclusion of certain software functions from the definition of “device” under the 21st Century Cures Act (Cures Act) amendments to the Food, Drug, and Cosmetic Act (FDCA) in 2016 and clarify FDA’s enforcement and monitoring positions vis-à-vis its legal authorities.

The rapid expansion of software and mobile medical applications in health care has made this guidance necessary in order to manage the FDA’s regulatory scope and provide clarity to medical device and health care companies seeking to use more software and mobile app solutions in their products and services. Digital health stakeholders, particularly medical device manufacturers, software developers, and mobile medical application developers should consider the effect of these guidance documents on their go-to-market strategies and submit comments regarding items from the FDA’s newest guidance documents that would create unnecessary burden or not address patient safety issues or other risks that FDA seeks to mitigate. We summarize the key points of each of the FDA’s guidance documents below.

Continue Reading FDA Seeks Comment on Clinical Decision Support Software Guidance and Issues Policy Updates on its Oversight Authority Regarding Medical Software and Apps