Lawyer Article

By 2015, health care spending in the United States is likely to reach $4 trillion and account for 20% of GDP, according to recent projections by the Centers for Medicare and Medicaid Services (“CMS”). Increased use of health information technology (“HIT”), especially interoperable electronic health records (“EHR”), is widely viewed as one way to dramatically cut costs, potentially saving up to $160 billion per year, while at the same time improving the quality of care. This alert summarizes the current efforts to implement HIT and interoperable EHR as well as the major obstacles to progress in this area.

Federal Financial Support and Regulatory "Relaxation"
The federal government is encouraging the use of HIT, including interoperable EHR (EHR systems that can communicate with each other), in a variety of ways. For example, President Bush, through an executive order issued in 2004, created the Office of the National Coordinator for Health Information Technology (“ONCHIT”). Of the $169 million President Bush requested for HIT in the fiscal year 2007 budget, $116 million would go to ONCHIT. Also, on October 11, 2005, CMS and the Office of the Inspector General of the Department of Health and Human Services (“OIG”) each published proposed rules designed to further the adoption of electronic prescribing (“e-prescribing”) and interoperable EHR. The stated purpose of these rules would permit hospitals and group practices to donate certain technology to physicians to be used for e-prescribing and EHR without violating the federal physician self-referral law (the “Stark law”) or the federal anti-kickback statute. In addition, federal legislators continue to introduce legislation in Congress that would promote the adoption of HIT in different ways.

What would the proposed CMS and OIG regulations allow?
CMS proposed exceptions to the Stark law, and OIG proposed a safe harbor for e-prescribing and discussed, without actually proposing, an EHR safe harbor. Both proposed rules address the questions of what technology may be donated, who may donate such technology to whom, the standards with which donated technology must comply, and the permitted value of such donated technology.

E-prescribing
Both CMS and OIG propose that donated items or services may include hardware, software, internet connectivity, and training and support services but such items or services must be “necessary” for e-prescribing. To be “necessary,” the donated items or services could not include items or services the recipient has already obtained. The recipient, therefore, would need to certify that the items are not technically or functionally equivalent to items the recipient already possesses. The proposed rules would also require that donated technology be “used solely” for e-prescribing. This requirement means that most software bundles would not be protected, since bundles are likely to contain software that would not meet the “used solely” for e-prescribing requirement. However, hardware and connectivity services would be protected under these proposed rules as long as a “substantial use” of the item or service is to transmit or receive e-prescribing information.

Both rules permit a hospital to donate the e-prescribing items and services described above to physicians on its medical staff as long as such technology is not used to induce physicians who already practice at other hospitals to join the medical staff of a different hospital. Other permissible donors include group practices, prescription drug plan sponsors, and Medicare Advantage organizations.

The donated items and services would need to be used to access an electronic prescription drug program that complies with Medicare Part D. Donors could not restrict the use or compatibility of the items with other systems, and recipients could not make the receipt of such items or services a condition of doing business. The donation of such items and services would not be permitted to take into account the volume or value of referrals or other business generated between the parties. Both CMS and OIG state that they believe a limit on the value of the donated items and services would be appropriate to minimize the potential for fraud and abuse and requested comments on the amount of such a cap.

Electronic Health Records
CMS and OIG took an incremental approach with respect to EHR by discussing two separate exceptions and safe harbors. The first would apply to donations of software and services made before the Secretary’s adoption of criteria, including criteria for certification of the interoperability, functionality, privacy, and security of EHR technology. The second exception and safe harbor would apply to donations made after the adoption of certification criteria.

Pre-Certification Criteria
CMS’s proposed Stark exception for EHR donated prior to adoption of certification criteria would limit the items and services covered by the exception to software and direct training services. This proposed exception would also require (a) the software and services to be necessary and used solely to receive, transmit, and maintain EHR and (b) the donated software to include an e-prescribing component. The OIG is considering similar requirements for its proposed safe harbor. Both CMS and OIG are considering limiting the aggregate value of the protected software and training services and solicited comments on methodologies that could be used to determine the value of such a cap. Other conditions would be similar to conditions proposed for the e-prescribing exception: Donors could not restrict the use or compatibility of the software with other systems, and recipients could not make the receipt of such software or direct training services a condition of doing business. The provision of items or services to recipients could not take into account the volume or value of referrals or other business generated between the parties.

Post-Certification Criteria
The proposed rules note that the adoption of certification criteria will help mitigate, but will not eliminate, the risk of fraud and abuse associated with the provision of EHR technology and training. As a result, this proposed exception and safe harbor are more expansive than the proposed exception for EHR during the pre-certification criteria period. When all such standards and criteria are adopted, CMS and OIG intend to finalize this exception and safe harbor. On that note, the Certification Commission for Healthcare Information Technology, under contract with HHS to develop compliance criteria, announced recently that it expects to announce the first certified vendors of ambulatory EHR in June 2006. Certification of inpatient EHR systems and infrastructure and network components will follow, although a definite timeframe for such certification is not yet known.

As proposed, the scope of covered software in the post-certification criteria exception and safe harbor may be permitted to include software for functions such as scheduling and billing, provided that the core function of the software is EHR. Any software provided would need to include an e-prescribing component. Also, training services directly related to the EHR software would be protected under these rules. The software, of course, would need to comply with standards and criteria adopted by the Secretary.

Because CMS and OIG believe that interoperable EHR will lessen the risk of fraud and abuse, they propose to permit donors to use selective criteria for choosing recipients, provided that neither the eligibility of the recipient, nor the amount or nature of the items or services, takes into account the volume or value of referrals. CMS goes on to enumerate several acceptable selection criteria, including the number of prescriptions written and the total number of hours the recipient practices medicine.

Will these proposed regulations actually accelerate the use of technology in health care?
While many hoped these rules would encourage the use of HIT, the narrow scope of these proposed rules proves that CMS and OIG are more focused on avoiding fraud and abuse than on facilitating a paperless health care system. For example, requiring software to be “used solely” for e-prescribing or EHR requirements appears impractical, as such software is likely to be bundled with software used for both clinical and administrative functions. In fact, the American Hospital Association noted in its comments on these proposed regulations that stand-alone e-prescribing systems are generally not found in the marketplace. In addition, without adequate connectivity and support services, services which are not protected by the EHR regulations, donated EHR technology may prove relatively useless. Also, requiring physicians to certify that items and services provided are not “technically or functionally equivalent to those already possessed” may cause physicians concern, as there is no “good faith” language included. And in the absence of more definitive rules regarding EHR donations, potential donors and recipients will be hesitant to provide or accept EHR for fear of prosecution.

Commentators on these proposed rules have been quick to point out the rules’ shortcomings, and hopefully CMS and OIG will use the public comments to formulate more flexible rules. However, it may be several years before final regulations are published.

Who is introducing HIT legislation and how does it work?
Many legislators have been focused on HIT for years. However, because the proposed rules described above and the subsequent final regulations may not result in widespread adoption of HIT, some legislators have taken steps since the publication of these proposed rules to promote HIT in other ways. In October 2005, Congresswoman Nancy Johnson of Connecticut introduced the Health Information Technology Promotion Act of 2005. This bill would, among other things, (a) allow hospitals and group practices to provide physicians with hardware, software, training, or HIT support services and (b) adopt a single patient privacy standard to consolidate varied state and federal privacy laws.

In December 2005, Congressman Phil Gingrey, a medical doctor from Georgia, introduced the ADOPT HIT Act that would increase tax incentives for physicians who invest in new HIT. In addition to increasing the deduction for HIT, this bill would also more than double the first year deduction for rapid depreciation of HIT equipment from $100,000 to $250,000 and would increase maximum purchase costs for qualifying equipment from $400,000 to $600,000 in any given year, allowing physicians to include other medical equipment purchases in the same year they purchase HIT. Also, Nevada Congressman John Porter, in early March, introduced legislation known as the Federal Family Health Information Technology Act of 2006. This bill would require insurance carriers within the Federal Employee Health Benefits Program to create EHR for the Program’s eight million participants. The bill would also require the carriers to offer a personal health record that participants can access using a web-based service to input information such as dietary requirements and allergies. While these bills are by no means the only HIT legislation being considered, they give a good overview of the different ways in which HIT adoption can be promoted.

Even though extensive use of HIT could have a dramatic and positive effect on health care in the United States, progress is hindered by cost considerations, privacy and security concerns, and the challenges of navigating the existing regulatory environment. The cost savings and quality benefits associated with widespread use of HIT remain alluring, but whether such benefits are a few years or a generation away, however, remains to be seen.

If you have questions regarding health information technology regulations, please contact Dick Vincent at (404) 879-2422 or Jill Girardeau at (404) 879-2426.