© 2016 Husch B lack we l l LLP

The Role of Emerging

Technology in Healthcare

Texas Hospital Association

Texas Health Law Conference

October 9-11, 2016

Julian RiveraPartner, Husch Blackwell

Julian.rivera@huschblackwell.com(512) 479-9753

© 2016 Husch B lack we l l LLP

In the office of the General Counsel …

YOU WON’T BELIEVE THIS NEW TECHNOLOGY…!!!

2

© 2016 Husch B lack we l l LLP

Emerging Technology

• Mobile Applications (mHealth) & Internet of

Things (IoT)

• Digital Medications

• Personalized Shareable Medical Records

• Big Data and Data Analytics

• Artificial Intelligence

• Telemedicine & Telephony

• Blockchain

• Virtual Reality

3

© 2016 Husch B lack we l l LLP

Legal Considerations

This is all coming, and in most cases, has arrived …

what do you need to consider?

Follow the hyperlinks in these slides as a starting point.

4

© 2016 Husch B lack we l l LLP

Not Legal Advice. All facts about specific technologies in

this presentation are based on information gathered from

public websites. Nothing in this presentation should be

considered legal advice in general or specifically

applicable to the technology.

5

© 2016 Husch B lack we l l LLP

Broad Issues to be Discussed Later:

– Fraud and Abuse

– Contractual Considerations

– Risk Mitigation

6

© 2016 Husch B lack we l l LLP

Mobile Apps (mHealth)

$15 billion industry by 2017

Simplest – base Apple Health app

– Collects general wellness data (activity, sleep,

mindfulness, nutrition)

Data mostly entered by the user

Advanced

– App works with devices to collect, analyze, and

transmit data to the user’s physician

7

© 2016 Husch B lack we l l LLP 8

© 2016 Husch B lack we l l LLP

Babyscripts

Doctor delivered digital health tool (app) that is a “to-do

list” which guides mother through each gestation period

with practice-specific, provider-approved tasks

– Includes an internet enabled scale and blood

pressure cuff – “Mommy Kit”

Readings are automatically uploaded to mother’s

Babyscripts profile. Permits real-time feedback and

intervention from the comfort of the patient’s home.

9

© 2016 Husch B lack we l l LLP 10

© 2016 Husch B lack we l l LLP 11

© 2016 Husch B lack we l l LLP

Internet of ‘Medical’ Things (IoMT)

IoT technology – worth $6.2 trillion by 2025

In and outside of the hospital

Tele-monitoring

12

© 2016 Husch B lack we l l LLP 13

Source: Glorium Tech

© 2016 Husch B lack we l l LLP

App & IoMT Legal Considerations

• Privacy

– HIPAA - Is the data being collected by or on behalf of

a covered entity?

– FTC privacy implications

– OCR/ONC/FTC tool

• Security

– Is data transferred? How?

– How is data entered and accessed within an app?

– HIMSS Mobile Health Security Kit

– Wireless spectrum integrity considerations

14

© 2016 Husch B lack we l l LLP

App & IoMT Legal Considerations (cont.)

FDA & OCR Guidances on Mobile Apps

– Is the app or device regulated as a “medical device”?

– Is the data gathered for a covered entity?

Standard of Care vs Reliance on Patient Produced Data

– With more information can come higher expectations

of care

– Is data entered by patients or collected by their off-

the-shelf product reliable?

– When is treatment engaged?

Informed Consent

15

© 2016 Husch B lack we l l LLP

Digital Medications

Medication containing sensors

Transmits data to a system to track adherence to a

medication plan

16

© 2016 Husch B lack we l l LLP

Proteus

Proteus is comprised of ingestible sensors, small

wearable sensor patch, an application on mobile device

& provider portal

Not yet fully FDA approved. Pill & sensor are approved

by FDA, but not combination

– Additional data requested by FDA

17

© 2016 Husch B lack we l l LLP 18

© 2016 Husch B lack we l l LLP

Digital Medications Legal Considerations

Privacy

Security

– Wireless spectrum

– Mobile app

– Data in transit between device patch app

medical record system

Reliance on data

FDA approval

Informed consent

Provider liability

19

© 2016 Husch B lack we l l LLP

Personalized Shareable Medical Records

Electronic application used by patients to acquire,

maintain and manage their health information

Not patient portal

Patient does not access provider EMR system directly

20

© 2016 Husch B lack we l l LLP 21

2007 Source: Markle Foundation

© 2016 Husch B lack we l l LLP

Apple - Gliimpse

• Gliimpse recently acquired by Apple

• Collects & combines disparate threads of PHI

• Users pull their own medical info into single virtual

space, ability to add documents & pictures for profile

• Users can share data (as comprehensive picture)

• Rumors of Apple’s healthcare platform expansion plans:

• “Smartphone serving as an aggregating middleman”

• FDA-regulated sensors

• Advanced clinical decision support

• Electronic health records

22

© 2016 Husch B lack we l l LLP

Personalized Sharable Medical Records -

Legal Considerations

Privacy & Security

– How does HIPAA apply?

– FTC

– Personal health record system a business associate?

– Clearinghouse for other organizations?

Reliance on records provided by patient

– Raised standard of care

Informed consent for system vendor to release records

Regulated medical device?

23

© 2016 Husch B lack we l l LLP

Big Data / Data Analytics

– Predictive Modeling

– Delivering the right intervention at the right time

– Adjusting treatment programs

Improved healthcare analytics leads to improved

programs & ability to create new ones

– Reduce healthcare costs by preventing medical

issues rather than treating

– Artificial Intelligence

24

© 2016 Husch B lack we l l LLP

Artificial Intelligence (AI)

EMR Notifications

– Information provided by the system to the physician

within a medical record

– Vanderbilt University

Alerts tell providers when a drug might not work for

a patient with certain genetic traits

With single click, doctor can prescribe another

medication

Patient intake & preliminary algorithms

Learning by modeling/iterations

25

© 2016 Husch B lack we l l LLP

IBM Watson

Aims to make sense of a growing pool of health care-

related data to help patients and providers make better

decisions

Presents probable diagnosis based on symptoms

identified by the physician

– As more data is provided, the diagnosis will become

more accurate

– Cardiology, Orthopedics, Oncology …

26

© 2016 Husch B lack we l l LLP 27

© 2016 Husch B lack we l l LLP

Big Data & AI Legal Considerations

• Practice of Medicine? Reliance on analytics.

• Provider liability

• Privacy and security at all phases

– Collection, storage, use, disclosure

– Data is in its raw form

– Three of largest health data breaches occurred in 2015

– Cyber crimes

• Alert fatigue

• Defintion of “medical record”?

28

© 2016 Husch B lack we l l LLP

Telemedicine Ecosystem Snapshot

29

© 2016 Husch B lack we l l LLP

CMS Innovation Center - Telemedicine

Congress created the Innovation Center for the purpose

of testing “innovative payment and service delivery

models to reduce program expenditures …while

preserving or enhancing the quality of care”

Healthcare Innovation Awards includes 22 projects

focusing on telehealth

30

CMS Value Based Programs – Waivers? ACO, CIN, Bundled Payments

Combined Joint & Hip Replacement

© 2016 Husch B lack we l l LLP

New Texas Call Coverage Rule

Two models for physician call coverage in Texas:

1) “Non-Reciprocal Call Coverage”

a) Physicians are not of the same or similar specialty,

or

b) Physician who requests call coverage never

reciprocates by providing call coverage for the covering

physician

Requires a written Call Coverage Agreement (CCA)

2) “Reciprocal Call Coverage”

Physicians are of same or similar specialty & take call

for each other’s patients

Allows for the CCA to be oral or in writing

31

© 2016 Husch B lack we l l LLP

Texas e-Health Alliance* – Draft BillCategory Current Statutes/ Regulations Draft Bill

Store-and-ForwardTechnology

Not defined – falls into definition of “telemedicine medical service” as ‘advanced telecommunication technology’

The transmission of medical information to a physician for the physician’s review at a later time…

Establishing a Physician-Patient Relationship

Establishing a diagnosis through the use of acceptable medical practices, including … physical examination that must be performed as part of a face-to-face or in-person evaluation

Practitioner complies with the same standards of appropriate practice as those standards for health care services provided in an in-person setting without sole reliance on audio-only, e-mail, or instant messaging.

OR practitioner contacts a patient, regardless of the method of contact, pursuant to a call coverage agreement with a physician requesting coverage of medical care for the patient.

32

*TeHA with various partners

© 2016 Husch B lack we l l LLP

Patient Engagement – Telephony

• Automated calls to patients about their treatment program

– Medication reminder

– Appointment reminder

– Other notices

• Make patients aware of certain emergency situations

• Caretime: Data collection for home health worker tracking

33

© 2016 Husch B lack we l l LLP 34

© 2016 Husch B lack we l l LLP

TCPA

• Telephone Consumer Protection Act (TCPA) prohibits

pre-recorded or auto-dialed calls to cell phones, with two

exceptions:

– where recipient of call provided his or her prior

express consent to be called, or

– where call was placed for an “emergency purpose”

• Roberts v. Medco Health Solutions, et. al.

– Calls related to prescription refills, order scheduling,

or confirmations can fall under emergency purpose

35

© 2016 Husch B lack we l l LLP

Blockchain

Provides secure and trackable transactions between multiple parties without the need for an intermediary

Customizable process to access the information or asset being transmitted

Redundancies within the healthcare billing cycle reduced

Scalable?

ONC NIST Blockchain Challenge

Gem

– Raised $7 mil to expand into healthcare

– Philips partnership to build out private blockchain for development of enterprise healthcare applications

36

© 2016 Husch B lack we l l LLP 37

Kyle Culver Whitepaper, 2016

Healthcare Blockchain Theory

© 2016 Husch B lack we l l LLP 38

© 2016 Husch B lack we l l LLP

Blockchain Legal Considerations

Lack of recognition as infrastructure - scalability

Privacy

Security

Contract law – “Smart Contracts”

Data accuracy during initial implementation

Infrastructure APIs

39

© 2016 Husch B lack we l l LLP

Virtual Reality (VR)

Virtual simulations for medical training and education

– Surgery

– Use of new equipment and techniques

VR therapy

– Amblyopia therapy

Play a game through virtual reality where patient is

forced integrated images shown to each eye

individually

– PTSD

40

© 2016 Husch B lack we l l LLP

Neuroscape Lab – UC-San Francisco

VR to study brain function effect of certain diseases

Patient moves through virtual world

– Monitor brain activity & reactions to certain stimuli

– Selectively challenge patient

41

GlassBrain

© 2016 Husch B lack we l l LLP

VR Legal Considerations

Studies are showing potential risk for physical &

psychological side effects

FDA regulation

– Treatment vs wellness

Physician–patient relationship

Informed consent

Provider liability

42

© 2016 Husch B lack we l l LLP

Fraud and Abuse

Fact-specific analysis

Devices & apps provided by provider to patient:

– Remuneration? FMV?

OIG Telemedicine Opinions

(AO 11-12, 98-18, 99-14, 04-07)

– Unlikely to produce referrals

– Likely pre-existing clinical affiliation

– Primary beneficiaries of arrangement are patients

– Unlikely to increase costs to federal health programs

– Reduces transfers

– Reduces disability due to delayed treatment

43

© 2016 Husch B lack we l l LLP 44

© 2016 Husch B lack we l l LLP

Contractual Considerations

Parties (generally not subcontractors/vendors)

Privacy & Security (BAA?)

Audit Rights (Privacy/Security/Compliance)

Compliance (Stark, Anti-Kickback, False Claims Act)

Intellectual Property

Hardware Ownership and Compliance

Portal User Interface

State/Federal Licensing – Professionals/Devices

Pass-through Terms of Use to Patient/Provider

45

© 2016 Husch B lack we l l LLP

Contractual Considerations (cont.)

• Specifications for Networks & User Interfaces

• Data Ownership

• Derivative Works/Secondary Revenue Source

• Warranties & Representations

• Uptime/Downtime

• Indemnity (Have a Plan B)

• Insurance

• Liability Waivers, Choice of Law

• Marketing (use of trademark, name, likeness, etc.)

• Adherence to Party’s Policies & Procedures

46

© 2016 Husch B lack we l l LLP

Risk Management

• Privacy data policies & procedures

• Physical technical & administrative safeguards

• Controlled access (contractors, subcontractors)

• Breach response policies, teams, procedures

• Independent audits & annual risk assessments

• Privacy disclosure documentation

• Business Associate Agreements

– Audit Protocols (Covered Entities; Business Associates)

• Cybersecurity policies & procedures

47

© 2016 Husch B lack we l l LLP

…….. conversation

48

© 2016 Husch B lack we l l LLP

Thank you!

49

Julian Rivera

512.479.9753Julian.Rivera@HuschBlackwell.com