Proposed Amendments to OIG Safe Harbor and Stark Physician Self-Referral Exception for Electronic Health Records
Those health care providers and suppliers who are contemplating accepting donations of electronic health records software and training services should be aware of proposed amendments to the regulations that might protect such arrangements under the anti-kickback statute and the Stark physician self-referral law. The Department of Health and Human Services, Office of Inspector General (“OIG”) is proposing to amend the anti-kickback safe harbor pertaining to electronic health records (“EHR”) items and services found at 42 CFR 1001.952(y). The Centers for Medicare and Medicaid Services (“CMS”) is proposing the same amendments to the Stark physician self-referral exception pertaining to donations of certain EHR software and directly related training services found at 42 CFR 411.357(w). The OIG safe harbor and physician self-referral exception were promulgated in 2006 to protect certain arrangements involving the donation by permitted donors of interoperable electronic health records software or information technology and training services. Both proposed rules make the identical changes to the protections offered under the safe harbor and exception.
First, the proposed amendments would update the provision under which EHR software is deemed interoperable. Interoperable has been defined to mean “able to communicate and exchange data accurately, effectively, securely, and consistently with different information technology systems, software applications, and networks, in various settings, and exchange data such that the clinical or operational purpose and meaning of the data are preserved and unaltered.” Both CMS and the OIG consider interoperability to be an important concept to reduce the risk that parties might use the donated software and technology to capture referrals. Both considered that, if the donated technology is interoperable, the recipient would be able to use the technology to transmit EHR not only to the donor but to others, including competitors of the donor, and would not be “locked-in” to communications with the donor only.
The current regulations provide that software is deemed to be interoperable if a certifying body “recognized by the Secretary” of HHS has certified the software within no more than 12 months prior to the date the software was donated to the recipient. The proposed amendments would modify this deeming provision to be in accord with the certification program for EHR technology by the Office of the National Coordinator (“ONC”) for Health Information Technology. The amendments will recognize that the ONC is responsible for recognizing certifying bodies that complete an authorization process established by the ONC. Thus, with the proposed amendments, a certifying body must be “authorized by the National Coordinator for Health Information Technology” rather than “recognized by the Secretary.”
The proposed amendments would also modify the time period within which the software must have been certified, changing it from the current 12 months prior to the donation of the software. The ONC developed a regulatory process that is anticipated to occur over a two-year regulatory interval, so the change would bring the safe harbor and exception in line with that time period. The amendments propose to remove the 12-month time period and provide that software would be eligible for deeming to be interoperable if, on the date it is provided to the recipient, it has been certified to any edition of the EHR certification criteria identified in the then-applicable definition of Certified EHR Technology in 42 CFR Part 170. The 2013 applicable definition for Certified EHR Technology identifies both the 2011 and the 2014 editions of EHR certification criteria, while the 2014 definition identifies only the 2014 edition. The OIG and CMS are seeking comments on whether the 12-month period should be retained.
Second, the proposed amendments would delete the requirement that the donated software must contain electronic prescribing capability. The OIG and CMS considered that most EHR systems include an electronic prescribing component and referred to legislation enacted to address electronic prescribing, including the electronic prescribing incentive programs in place.
Third, the amendments propose to extend the sunset deadline for the safe harbor and the exception from December 31, 2013 to December 31, 2016, to coincide with the last year to receive a Medicare EHR incentive payment and to participate in a Medicaid EHR incentive program. Both the OIG and CMS are considering December 31, 2021 as an alternative sunset date to coincide with the end of EHR Medicaid incentives and asked for comments on the alternative date or whether some other sunset date should be considered.
Fourth, in response to comments that suggested abusive donations were being made, the proposed amendments would limit the scope of protected donors. The current safe harbor protects any donor that is an individual or entity that provides patients with health care items or services covered by a Federal health care program and submits claims or requests for payments for the items or services directly or through reassignment to Medicare, Medicaid, or other Federal health care programs and that otherwise meets the regulatory requirements. The Stark exception permitted donation by any Designated Health Service entity. The original proposals by the OIG and CMS would have limited the scope of protected donors to hospitals, group practices, prescription drug plan sponsors, and Medicare Advantage organizations. The proposed amendments would return to this limited scope of donors. The OIG and CMS are seeking comments on whether other individuals or entities with front-line patient care responsibilities should be included, such as safety net providers. They are also considering whether to retain the current definition of protected donors but to exclude certain suppliers of ancillary services, such as laboratory companies, durable medical equipment suppliers, and independent home health agencies. The proposed limitation on the scope of permissible donors is viewed as a means to prevent donations that subvert the intent of the safe harbor and exception by locking in referrals. The OIG and CMS also invited comments on what new or modified conditions could be added to achieve the goals of: 1) preventing the misuse of the safe harbor and exception that results in data and referral lock-in; and 2) of encouraging the free exchange of data in accordance with protections of privacy.
Finally, the preambles to the 2006 Final Rules for the safe harbor and exception defined the term “’software, information technology and training services necessary and used predominantly’ for electronic health records purposes” to include the following, by way of example: [i] interface and translation software; rights, licenses, and intellectual property related to electronic health records software; connectivity services, including broadband and wireless internet services; clinical support and information services related to patient care (but not separate research or marketing support services); maintenance services; secure messaging (e.g., permitting physicians to communication with patients through electronic messaging); training and support services (such as access to help desk services). Both the OIG and CMS declined the request to include this definition in the regulatory text but requested public input on the issue.