In conjunction with the Department of Health and Human Services’ regulatory sprint to coordinated care, OIG and CMS in 2019 proposed changes aimed at promoting care coordination by eliminating barriers that might exist under fraud and abuse laws.
The OIG final rule modifies existing safe harbor protections and adds new safe harbors under the federal anti-kickback statute (AKS) for certain coordinated care and associated value-based arrangements. The final rule also adds exceptions to the beneficiary inducements civil monetary penalty law that prohibits inducements offered to patients for certain patient engagement.
OIG finalized three new safe harbors for certain remuneration exchanged between or among participants in value-based engagements in which the parties assume full financial risk, substantial downside financial risk, and no or lower risk. All three safe harbors offer protection for in-kind remuneration (e.g., technology or services). However, only the safe harbors for value-based arrangements with substantial assumption of risk protect monetary remuneration.
Among the entities ineligible to use the value-based safe harbors are: pharmaceutical manufacturers, distributors, and wholesalers; pharmacy benefit managers; laboratory companies; manufacturers of devices or medical supplies; entities or individuals that sell or rent durable medical equipment, prosthetics, orthotics and supplies (DMEPOS); and medical device distributors and wholesalers.
OIG also finalized a new safe harbor related to patient engagement tools and supports furnished by a participant in a value-based enterprise to a patient in a target patient population, and a safe harbor for participants in CMS-sponsored models and initiatives (e.g., Medicare Shared Savings Program) to provide greater predictability and uniformity across models.
Additionally, OIG finalized a new safe harbor for donation of cybersecurity tools and related services intended to address the growing threat of cyberattacks impacting the health care industry, and modifications to existing safe harbors related to personal services arrangements, electronic health records, warranties, and local transportation.
Physician Self-Referral Law
CMS’ final rule targets undue burden of the physician self-referral law, commonly referred to as Stark law. The agency finalized exceptions to the Stark law for certain value-based compensation arrangements between or among physicians, providers, and suppliers.
Specifically, three exceptions for compensation arrangements the agency says do not pose a risk of program or patient abuse, including:
- a value-based arrangement in which a value-based enterprise has assumed full financial risk for patient care services for a target patient population;
- a value-based arrangement under which the physician is at meaningful downside financial risk for failure to achieve the value-based purposes of the value-based enterprise; and
- any value-based arrangement, regardless of the level of risk undertaken by the value-based enterprise, provided that the arrangement satisfies specified requirements.
A value-based enterprise is defined as a network of participants collaborating to achieve the goals of a value-based arrangement. An “enterprise” might be a distinct legal entity, such as an accountable care organization, or simply two parties to a value-based arrangement with written documentation of the arrangement.
A target patient population must be selected based on “legitimate and verifiable criteria” that are set out in writing in advance of the commencement of the value-based arrangement. Notably, CMS is not limiting a target patient population to patients with at least one chronic condition, as proposed.
CMS also finalized an exception, aligned with OIG, for donations of cybersecurity technology and related services.
As called for by the association in its comments, CMS provides necessary guidance and clarifies definitions for certain terms under the Stark law, including “commercially reasonable,” “volume or value standard,” and “fair market value.”
America’s Essential Hospitals is reviewing the final rules and will provide a detailed Action Update in the coming days. Both rules have an effective date of Jan. 19, 2021.
Contact Senior Director of Policy Erin O’Malley at firstname.lastname@example.org or 202.585.0127 with questions.