On May 17, 2023, the Federal Trade Commission (“FTC”) announced an enforcement action (“Enforcement Action”) against Illinois-based Easy Healthcare Corporation (“Easy Healthcare”), which operates the Premom application, for allegedly violating Section 5 of the FTC Act and the Health Breach Notification Rule (“HBNR”). Easy Healthcare has developed, advertised, and distributed a mobile application called the Premom Ovulation Tracker (“Premom”) that allows users to input and track various types of personal and health information. In the complaint (“Complaint”), the FTC alleges that Easy Healthcare deceived users by disclosing users’ sensitive health data with third parties and failed to notify consumers of these unauthorized disclosures in violation of the HBNR. The proposed order (“Proposed Order”), which was brought by the U.S. Department of Justice on behalf of the FTC, imposes a civil penalty of $100,000 and prohibits Easy Healthcare from sharing user personal health data with third parties for advertising, among other requirements. As part of a related action, Easy Healthcare has agreed to pay an additional $100,000 to Connecticut, the District of Columbia, and Oregon for violating their respective laws.Continue Reading FTC Announces Enforcement Action Against Ovulation Tracking App Premom

On October 21, 2019, the Federal Trade Commission (FTC) announced that it had issued orders to five health insurance companies and two health systems to provide information that will allow the agency to study the effects of certificates of public advantage (COPAs) on price, quality, access, and innovation of healthcare services. The ultimate goal of the study is to enhance the FTC’s knowledge of COPAs in order to inform the agency’s advocacy and enforcement efforts, and to serve as a resource for states considering COPAs.

A COPA is a written certificate typically issued by a state department of health under state law and regulations that seek to displace federal (and sometimes state) antitrust laws, and thereby provide immunity from antitrust law to certain healthcare-provider mergers, acquisitions, and other affiliations. Under the “state action doctrine,” states may shield certain transaction and conduct from federal antitrust law if the state (1) has affirmatively expressed and clearly articulated an intent to displace federal antitrust law and replace it with state regulation, and (2) actively supervises the transaction or collaboration.

Concerned that federal antitrust law and FTC enforcement against healthcare mergers has been too stringent and prevents procompetitive transactions, several states have passed COPA (or “cooperative agreement”) laws to permit healthcare providers to enter into transactions that might otherwise be blocked by the FTC. Proponents of COPAs believe that they allow healthcare providers to enter into transactions that eliminate costly duplicative services, achieve clinical efficiencies, facilitate more integrated care, and enable other community health benefits.
Continue Reading FTC to Study the Impact of COPAs

In late June, Crowell & Moring partnered with Accenture to host a comprehensive one-day conference on legal issues affecting the digital health landscape. The program covered a wide range of topics, some of which you can read more about via the following links: Developing Digital Health Platforms; the Health Care Economy’s Internet of Things; and New Payment Models and Data. More information on the June 23rd “Fostering Innovative Digital Health Strategies Conference” can be found on Crowell.com.

One session touched upon privacy and cybersecurity issues regarding the usage of products and data in the digital health realm. This panel was moderated by Fauzia Zaman-Malik, Accenture’s Global Legal Lead for Health Industry Offerings and North America Legal Lead for Health and Public Services Operating Group; and featured Evan Wolff, partner at Crowell & Moring; Cora Han, FTC senior attorney, Division of Privacy and Identity Protection; and Hilary Weckstein, chief privacy officer at Inovalon, Inc.

This panel focused on methods and benefits of de-identification, HIPAA requirements, the FTC’s role in regulating big data and digital health technologies, and data breach preparation and response.  Keep reading for four key takeaways from this session; the full panel session can also be accessed by video at this link.Continue Reading Digital Health, Big Data, Cybersecurity, and Privacy – Four Key Takeaways from C&M’s Digital Health Strategies Conference

Does a professional licensing board have the ability to discipline licensees without antitrust trouble?  Can a state medical board require patients to see a doctor in person before being treated remotely?  And can a municipal taxicab commission require private transportation companies to conduct background checks?

In the aftermath of the Supreme Court’s ruling in N.C. State Bd. of Dental Exam’rs v. FTC, 135 S. Ct. 1101 (2015), these are just some of the questions that state regulatory boards may have to answer in court – at least if they do not heed the Federal Trade Commission staff’s (“FTC Staff”) recently published guidance on how state boards can protect themselves from antitrust problems.

In Dental Examiners, the Supreme Court held that state regulatory boards are not necessarily exempt from liability under federal antitrust laws merely due to their status as state entities – at least if the board is “controlled by market participants.”  These state regulatory boards are, instead, only exempt from federal antitrust laws if the board’s anticompetitive conduct is clearly articulated in state policy and “actively supervised” by the state.  The new guidance addresses only this second, “actively supervised,” prong of the “state action” doctrine, which was the focus of the Dental Examiners decision.Continue Reading FTC Staff to State Regulatory Boards: Maintaining Protection from Antitrust Scrutiny

The federal government has spent billions to promote adoption and “meaningful use” of health information technology (HIT). There is growing government interest in ensuring that HIT is used to support patient care, but doing so requires electronic exchange of information. Congress, the Department of Health and Human Services (HHS), and States have taken action to identify and prevent “information blocking”—interference with the exchange or use of electronic health information—by health care providers, hospitals, technology developers, and service providers. And there likely will be more guidance, statutory and regulatory changes, and enforcement by federal agencies and states in the coming year.

Congress Requests Information and Takes Action

On December 21, 2014, Congress raised concerns about health information blocking, claiming that such activities “frustrate Congressional intent” under the Health Information Technology for Economic and Clinical Health (HITECH) Act, “devalue taxpayer investments,” and make HIT “less valuable and more burdensome” to hospitals and health care providers. Congress urged the Office of the National Coordinator for Health Information Technology (ONC) at HHS to certify only HIT that does not block health information exchange. Congress also requested ONC publish a detailed report on the scope of health information blocking and a strategy to address it, within 90 days.Continue Reading Health Information Blocking Leads to New Requirements and May Lead to Enforcement Actions

On March 20-21, 2014, the Federal Trade Commission (FTC) held a public workshop, “Examining Health Care Competition,” to discuss trends and developments in the health care industry that may affect competition. Specifically, the workshop used five panels of industry participants and experts to study professional regulation of health care providers, innovations in health care delivery,