In its recent guidance “Evaluation of Bulk Drug Substances Nominated for Use in Compounding” for outsourcing facilities, FDA again prioritized the use of FDA-approved drugs over more risky, custom-made medicines produced in bulk.

The guidance limits the raw substances that outsourcing facilities can use to make medicines in bulk that do not go through the FDA safety review process.

The FDA said it would only allow a raw substance to be used if a clinical need was established showing why an FDA-approved drug could not be used to make a compounded medication by, for example, diluting or crushing it.

To remind, FDA created a new category of compounders – outsourcing facility –  following the outbreak of fungal meningitis linked to tainted compounding in 2012. Outsourcing facilities can sell products in bulk without individual prescriptions while following federal drug manufacturing standards. Under the regulations, FDA was required to establish a list of substances outsourcing facilities could use for bulk compounding that met a “clinical need.” So far, FDA has not finalized the list, but under an interim policy, it allowed the use of substances that compounders could nominate for eventual inclusion on the list that had no major safety issues.

Under the guidance, FDA intends to maintain a current list of all bulk drug substances it has evaluated on its website, 238 with separate lists for bulk drug substances it has placed on the 503B Bulks List and those it has 239 decided not to place on the list. FDA again reminds that it will only place a bulk drug substance on the 503B Bulks 240 List where it has determined there is a clinical need for outsourcing facilities to compound drug 241 products using the bulk drug substance.

The guidance explains how FDA evaluates whether to include a specific substance on the list:

 

 

Recently, there were several large federal and state crackdowns on Medicare and Medicaid billing practices involving PBMs brought by whistleblowers under the False Claims Act. The Act allows anyone to sue any individual or company that is defrauding the government and recover funds on the government’s behalf by filing a qui tam lawsuit. The lawsuit must be filed “under seal,” which means that the public has no access to it, but it allows the government to investigate the allegations in the lawsuit.

Recently, a qui tam action against Caremark was unsealed. A whistleblower – an Aetna auditor – brought an action against Caremark for reporting inflated prices to CMS. In the complaint, she alleged that Caremark adjusted MAC prices for Aetna Part D plans so that the drug prices for Aetna Part D beneficiaries precisely met, but did not exceed, the retail discount guaranteed in the contract between Aetna and Caremark. “In other words, the Caremark defendants carefully managed the MAC prices so as to hit the minimum aggregate discount it had guaranteed Aetna, but not to allow Aetna to get the benefit of any lower prices.” The lawsuit further alleged that Caremark inflated MAC prices in its accounting to Aetna, which did not reflect true increases in reimbursement to independent pharmacies.

Aetna investigated the price increases reported by Caremark and discovered that they were significantly higher than prices being charged by other Part D Plan Sponsors for the same drugs. (on average, 25- to 40-percent higher). The parties met to discuss the difference and potential inflation of drug prices. During the meeting Caremark admitted that it did negotiated lower prices on Aetna’s behalf but it was not required under the contract to pass these discounts to Aetna  and passing this discounts to Aetna would negatively impact Caremark’s earnings. The lawsuit argues that Caremark was legally required to report the discounts to Aetna for submission to CMS because Aetna continued reporting the prices to CMS as the negotiated prices . When Aetna indicated that it intended to perform a market check in order to decide whether to contract with a different PBM, Caremark offered to improve Aetna’s prices.

Caremark denied the allegations in the complaint by publicly stating that it complies with all applicable laws and CMS regulations related to the Medicare Part D program and that “CVS Health is committed to helping both patients and payers with solutions to lower their prescription drug costs.” Caremark may be referring to its recent launch of CVS Health program to alert pharmacists when cheaper drug is available. It describes it as an innovation in pharmacy to significantly decrease drug spending: “If the software flags a less expensive therapeutic equivalent, the pharmacist will tell the patient and seek permission to ask their doctor to make the switch. It is also being made available directly to CVS Caremark consumers through an app.” More on CVS Health pilot to reduce drug cost.

Many California pharmacies have questions regarding the newly enacted California’s prohibition on drug manufacturers’ coupons, co-pay cards, and other discounts. The prohibition became effective on January 1, 2018, and created confusion within the industry about when manufacturer’s assistance can be applied to medications dispensed.

To start, California’s AB265 attempts to curb the ever-rising drug costs by prohibiting any manufacturers’ co-pay assistance if a generic version is covered under the plan or a lower cost over-the-counter (OTC) version is available without a prescription. Hence, a pharmacy still may apply a coupon/discount if a generic version is not available under the plan (or a generic has been on the market for less than three months), or if a prescriber indicates “Do not Substitute.” Other less-common scenarios when a pharmacy may apply discounts on patients’ out-of-pocket expenses are:

  •  if the patient has completed applicable step therapy or a prior authorization was obtained;

  • discounts are required under the FDA’s Risk Evaluation and Mitigation Strategy (REMS);

  • the discount is for a single-tablet drug regimen for the treatment of HIV/AIDS that is as effective as a multi-tablet regimen, unless the multi-tablet regimen is clinically equally effective or more effective and is more likely to result in adherence to the drug regimen;

  • the discount is a rebate received by a state agency;

  • a discount is used by a cash-paying patient.

AB265 still allows manufacturers to provide free drugs (if there is no cost to the plan or the patient). It also allows co-pay assistance coming through independent charities.

In addition, keep in mind the federal perspective on manufacturers’ drug assistance. Here is some guidance from the OIG and CMS when manufacturers’ financial assistance may be used. In a nutshell, manufacturer’s assistance with copays is acceptable as long as the assistance is provided outside of the Part D (meaning that the enrollees obtain their drugs without using their Part D insurance benefit). Another safeguard described by the OIG and CMS is that the assistance for Part D enrollees must be determined based solely on patients’ financial need, using a methodology.

AB265 presents operational burdens for California pharmacies and manufacturers: they need to screen the patients, analyze available alternatives, and apply financial assistance very carefully. Because of the additional risks involved, some manufacturers made decision to exclude all California patients from receiving any discounts on drugs with available generic versions.

As to California pharmacies, they often cannot determine if an alternative product is available at a lower cost (especially with OTC medications), it is hard to determine if the lower-cost calculation should be based on dosage or wholesale cost of the drug. While we are waiting for clarification from the state, pharmacies should choose a benchmark to compare drug-cost, prepare policies and procedures describing how the compliance with AB265 should be performed, and train pharmacy staff on the new requirements.

Following an unfavorable decision by the Office of Inspection General’s (OIG) regarding a free drug program run by Caring Voice Coalition, Inc. (CVC), CVC publicly announced that it would stop providing free medications to financially needy Medicare beneficiaries. As a result, OIG decided to rescind its decision and announced that it will not pursue administrative sanctions against any pharmaceutical company that provides free drugs through CVC, as long as the pharmaceutical company complies with the following safeguards:

  • The free drugs are provided in a uniform and consistent manner to federal health care program beneficiaries who: (1) were receiving cost sharing assistance from CVC for the same drug(s) as of November 28, 2017; and (2) have been impacted by CVC’s decision not to provide assistance in 2018.

  • The free drugs are awarded without regard to the beneficiary’s choice of provider, practitioner, supplier, or health plan.

  • The free drugs are not billed to any federal health care program, counted toward the beneficiary’s Medicare Part D true out-of-pocket costs, resold, or otherwise billed to a third-party payer.

  • The provision of the free drugs is not contingent on any future purchases or orders of the drugs or any other item or service.

  • The drug company maintains accurate, contemporaneous, and complete records of the free drugs it furnishes to federal health care program beneficiaries.

In its letter to pharmaceutical companies, the OIG warned that free drug programs – if not properly structured – can implicate, and potentially violate, the Federal anti-kickback statute. For example, free drug programs that provide assistance only during a portion of the Medicare Part D coverage year, such as only during the Medicare Part D coverage gap (i.e., “wrapping around” the Part D benefit).

Last year, the California Department of Health Care Services (DHCS) announced changes in its drug reimbursement methodology by using the two-tier Professional Dispensing Fee and National Average Drug Acquisition Cost (NADAC) to calculate the new drug ingredient cost reimbursement. When NADAC does not exist, Wholesaler Acquisition Cost (WAC) + 0% would be used. (Related Blog Post). The DHCS estimates that the new reimbursement methodology will save over $72 million ($36 million in general fund).

Per the Covered Outpatient Drug Rule, the reimbursement methodology is effective April 1, 2017. However, the DHCS anticipates that it will take several months to update its system using the new methodology. The DHCS has announced that it plans to finalize the switch from AWP (prior used in California to calculate drug reimbursements) to NADAC in late 2018. It’s unclear whether the DHCS would retroactively adjust all the claims going back to April 1, 2017 and would demand that pharmacies pay the difference.

Many pharmacies already noticed a deep drop in drug reimbursements, especially with more expensive specialty drugs. We are currently discussing with the DHCS whether a carve-out of some specialty drugs is possible, but we need to understand whether access to care may potentially be implicated. Please reach me directly to discuss how the switch would affect your practice.

For the last year, both Lyft and Uber have been working with healthcare providers and insurers offering rides to doctors’ offices. Last week, Lyft announced that it is expanding its partnerships with health care providers by partnering with Allscripts to “integrate its platform into the daily routines of 2,500 hospitals, 45,000 physician practices and 180,000 physicians, reaching an estimated 7 million patients.” USA Today.

Both – Uber and Lyft – offer “healthcare rides” in rural and urban areas, free of charge to the patients (billing healthcare providers or insurers). Most of the people, who need transportation to their providers, are on federally funded insurances and therefore issues with kickbacks may come into play. The OIG, however, codified Local Transportation safe-harbors to exempt certain free or discounted transportation programs if they comply with the following requirements:

  1. The program is applied uniformly and consistently and does not take into consideration the past or anticipated volume or value of federal health care program business.

  2. The transportation is not provided via air, luxury, or ambulance-level transportation.

  3. The program is not publicly marketed or advertised, no marketing of health care items and services occurs during the transportation.

  4.  The drivers are not paid on a per-beneficiary-transported basis.

  5. Only established patients shall participate in the program.

  6. The transportation is available only within 25 miles, or 50 miles in rural areas.

  7. The transportation is provided to obtain medically necessary items and services.

  8. The provider bears the costs.

The OIG’s Final Rule codifying Local Transportation safe-harbors.

If done correctly, Uber and Lyft have a huge market to target. However, to alleviate the problem with access to care, we need more than a ride. And how about TeleHealth and home visits?

There are three most important federal anti-fraud healthcare laws that every provider should be familiar with:

  • False Claims Act (filing false claims),

  • Anti-Kickback Statute (offering/receiving remunerations for patient referrals, and providing free or discounted services), and

  • Physician Self-Referral Law (Stark law).

Government agencies have three vehicles to enforce these laws:

  • Exclusion Authorities,

  • Civil Monetary Penalties Law, and

  • Criminal prosecution.

The Civil Monetary Penalties Law imposes significant penalties for filing improper claims, offering/receiving kickbacks, offering beneficiary inducements, and other improper conduct while providing healthcare services. Prior to 2018, the penalties ranged from $10,000 to $50,000 per violation. In the healthcare context, it’s not unusual for penalties to range in millions (for every claim submitted).

The Bipartisan Budget Act of 2018 has increased these penalties by twofold. For example, under the Civil Monetary Penalties Law, every anti-kickback violation may be subject to $50,000 penalty. The Bipartisan Act has increased it to $100,000 per violation. The Act also makes a kickback related violation a felony and has increased the maximum term of imprisonment from five to ten years.  Note that the Act cannot be applied retroactively and is applicable only to violations committed after the date of enactment, February 9, 2018.

All healthcare providers accepting federally sponsored insurances, should scrutinize their Medicare billing practices, marketing agreements, referral arrangements, and promotional and advertising materials. Click here for a roadmap for healthcare providers, “Avoiding Medicare and Medicaid Fraud and Abuse” prepared by U.S. Department of Health and Human Services.

Many independent pharmacies across the nation find themselves forced to shut their doors because of low reimbursements and DIR fees, aggressive PBM practices, and increased investigations and fines by state and federal agencies. In addition, pharmacies must comply with an ever-increasing number of regulations and many small pharmacies are not in position to follow and comply with all regulations and Board of Pharmacy’s opinions. Instead – they choose to close. Many have been serving their communities for decades. Often, shutting the doors means leaving the community without a pharmacy.

A number of pharmacy publications have been covering the issue of a rising number of pharmacies going out of business. The subject of this post is not to reiterate but to guide a pharmacy in legal compliance when closing its business.

Prior to closing, there are a few important issues that the pharmacy needs to address, such as:

  • where to store pharmacy records;

  • what to do with the controlled drug inventory and records;

  • who will take possession of the drug inventory;

  • how to return DEA registration and Forms-222;

  • whether pharmacy labels and prescription pads need to be destroyed.

Today we will focus on the subject that pharmacies are most concerned about –  compliance with DEA’s regulations and notifying the Board of the business closure.

            DEA’s requirements:

A pharmacy that discontinues business activities either completely or only regarding controlled substances must return its DEA registration certificate and unused official order forms (DEA Form 222) to the local DEA Registration Specialist (their address and contact information can be easily found online). In addition, DEA may ask for the location of where inventories, prescriptions, and other required controlled substance records will be stored during the requisite two-year retention period.

           Disposing of controlled substance inventory:

A pharmacy has several options when closing its controlled substances inventory:

  1. Transfer to Another Pharmacy. On the day the controlled substances are transferred, a complete inventory must be taken which documents the drug name, dosage form, strength, quantity, and date transferred. In addition, DEA Form 222 or the electronic equivalent must be prepared to document the transfer of schedule II controlled substances. This inventory will serve as the final inventory for the registrant going out of business and transferring the controlled substances. It will also serve as the initial inventory for the registrant acquiring the controlled substances. A copy of the inventory must be included in the records of each pharmacy.  It is not necessary to send a copy of the inventory to the DEA.  The pharmacy acquiring the controlled substances must maintain all records involved in the transfer of the controlled substances for two years.

   2. Transfer to the Original Supplier or Original Manufacturer. The pharmacist must maintain a written record  showing:

                          – The date of the transaction;

                          – The name, strength, dosage form, and quantity of the controlled substance;

                          – The supplier or manufacturer’s name, address, and registration number.

        The DEA Form 222 or the electronic equivalent will be the official record for the transfer of schedule II controlled substances.

   3.  Reverse Distributors Authorized to Dispose Controlled Substances. A pharmacy may forward controlled substances to a DEA registered reverse distributor who handles the disposal of controlled substances (for a list of such distributors, you may contact your DEA local branch).  When a pharmacy transfers schedule II controlled substances to a reverse distributor for destruction, the reverse distributor must issue an official order form (DEA Form 222) or the electronic equivalent to the pharmacy. When schedules III-V controlled substances are transferred to a reverse distributor for destruction, the pharmacy must maintain a record of distribution that lists the drug name, dosage form, strength, quantity, and date transferred. The DEA registered reverse distributor who will destroy the controlled substances is responsible for submitting a DEA Form 41 (Registrants Inventory of Drugs Surrendered) to the DEA when the controlled substances have been destroyed. A DEA Form 41 should not be used to record the transfer of controlled substances between the pharmacy and the reverse distributor disposing of the drugs.

        Compliance with the Board of Pharmacy regulations

When terminating a pharmacy business, you must notify the Board of Pharmacy of the:

  1. termination date;

  2. information on the transfer of the inventory (if applicable), such as the date of sale or transfer of such drugs, devices or appliances; name and address of purchaser; inventory of dangerous drugs and devices showing their disposition;

  3. location of records of manufacture, sale, purchase, and disposition of dangerous drugs and devices.

You must contact the Board prior to transferring or selling any dangerous drugs, devices or hypodermics inventory as a result of termination of business or bankruptcy proceedings and shall follow official instructions given by the Board applicable to the transaction.

In addition, there are other issues to handle with when closing a pharmacy, such as lease termination, balancing and closing business accounts, employment termination of pharmacy staff – just to name a few. It is important to close the pharmacy on a right note; otherwise, you might face state or government agencies (and even lawsuits) down the road, when you are least prepared.

Recently, a law suit was filed against Aetna in a federal court in Pennsylvania alleging that Aetna repeatedly failed to respect the privacy rights of people on HIV-medications. This is not the first law suit brought against Aetna for violation of privacy laws. A prior law suit alleged that Aetna jeopardized the privacy of its beneficiaries by requiring them to receive their HIV medications through mail and not allowing them to pick up their medications at the pharmacy. The parties reached a settlement and Aetna sent out notices to its beneficiaries taking HIV medications instructing on how they can opt out of the mail order program. The instructions were sent in opaque envelopes with large transparent glassine windows.  Specifically, the visible portion of the letter clearly indicated that it was a communication from Aetna regarding filling prescriptions for HIV medications. As a result, this current action was commenced. The filed complaint may be accessed here.

Aetna agreed to pay more than $17 million to settle accusations that it wrongly disclosed the HIV-status of nearly 14,000 people when it mailed the notices (an automatic payment of at least $500 to everyone who received the notice, along with an opportunity to request up to $20,000 in additional payments for financial and non-financial harm).  Aetna also agreed to change its business practices to better protect private health information in the future.

Prior to the settlement, Aetna offered to provide “immediate relief” to people who were financially harmed by the breach. Through this program, Aetna has approved two requests for counseling services and 13 requests for reimbursement of relocation expenses.

The settlement still must be approved by the court. The patients’ lawyers are allowed to seek attorneys’ fees of nearly $4.3 million. As you can see, a privacy violation could be expensive, and early prevention of a breach can save the business. There are a few common mistakes healthcare provides make when working with Protected Health Information (PHI).

  1. Providers are not clear what qualifies as PHI. For example, very often providers disclose their patients’ addresses or phone numbers – erroneously assuming that it is not PHI. Normally, just an address or a phone number will not be PHI. However, if this information was ever PHI – it is still PHI – and the provider has to de-identify it (redact) or obtain the patient’s authorization to disclose it.

2.   Providers often disclose PHI to patient’s family or friends.

      Healthcare providers should not be disclosing PHI to family or friends, unless:

              – the patient is unconscious or incapacitated and the provider believes sharing information with family and close friends involved in the patient’s care is in the best interests of the patient; and

– where the provider believes that sharing information will prevent or lessen a serious and imminent threat to the patient’s health or safety.

3.   When individual providers leave healthcare practices, they often take their patients’ medical files with them.

      The practice is the covered entity responsible for maintaining the records and the patient has not expressly allowed the disclosure of his or her records to the departing provider. The patient may request that his records be sent to the departing provider or when the patient is seen by the provider at the new location, the practice may share his PHI under the “treatment” exception. A better approach is to have the departing provider sign a records custodian agreement and a Business Associate Agreement with the departing doctor.

4.  Providers often text, email, or fax PHI without assuring proper safeguards.

     HIPAA and related federal privacy laws allow a covered entity to communicate with patients electronically, provided they apply reasonable safeguards when doing so.

     While a covered entity usually encrypts its electronic communication, it cannot control the security of the communication once an email leaves the organization’s server. To assure safe transmission, the patient would need to use an email service that supports HIPAA-level encryption. To go around this requirement, HIPAA allows patients to receive communication in formats they prefer, such as unencrypted email. Providers should prepare “opt-in agreements” for patients consenting to email or SMS communication, and acknowledging that they are aware of the risks.

On faxing PHI, see a related blog post.

One of the major changes in California pharmacy law in 2018 is the introduction of a new pharmacy type – “a remote dispensing site pharmacy.” Such pharmacies must use telepharmacy system (internet and teleconferencing) to reach critical population in medically underserved areas and dispense less than 225 prescriptions per day. The new law authorizes the California State Board of Pharmacy to issue specific permits for these dispensing sites-pharmacies. As of the date of this writing, however, the Board has not made the application process available on its website.

The main feature of a remote dispensing site is the ability to operate without a pharmacist being present. A registered technician may order dangerous drugs/devices – even controlled substances – and sign for the delivery. A caveat: any controlled substances signed for by a pharmacy technician must be stored separately from the existing inventory until they are reviewed and countersigned by a pharmacist.

What is a remote dispensing site pharmacy?

A remote dispensing site pharmacy is a dispensing location without a pharmacist, but which has a pharmacist available through telepharmacy technologies to supervise dispensing and to counsel patients.

A registered pharmacy technician may work at a remote site and to perform order entry, packaging, manipulating, repetitive, and other nondiscretionary tasks. A pharmacist at a supervising pharmacy must supervise the technician through telepharmacy system – such as videoconferencing – by visually monitoring the technician’s work to ensure that the right medications have been filled and dispensed. At the end of the process, the supervising pharmacist provides a two-way video consultation for the patient to ensure that they understand the intended medication use and administration. The supervising pharmacist may supervise up to 2 pharmacy technicians at each remote dispensing site in addition to any technicians being supervised at the originating pharmacy.

TelePharmacy in Other States

TelePharmacy in retail settings has primarily occurred in rural states with pharmacist shortages.

For example, in response to an increasing number of rural community pharmacies going out of business, North Dakota became the first state to allow retail pharmacies to operate without requiring a pharmacist to be present. As a result of these new rules, more than 56 remote sites enabled delivery of pharmacy services to 80,000 rural residents who lost access to pharmacy due to a massive pharmacy shut down. According to a North Dakota State University study, telepharmacy project “has restored access to health care in remote, medically underserved areas and added approximately $26.5 million in economic development to the local rural economy.”

What is TelePharmacy?

The National Association of Boards of Pharmacy defines “telepharmacy” as “the provision of pharmaceutical care through the use of telecommunications and information technologies to patients at a distance.” In a nutshell, telepharmacy delivers clinical pharmacy services and the dispensing of a prescription at a remote location without the physical presence of a pharmacist.

You might be performing TelePharmacy services, if you perform the following:

  • Mail Order (home delivery and central fill)

  • Telephonic patient counseling

  • Compliance and collaborative Drug Management

  • Central processing & remote order entry

  • Remote supervision of technician dispensing

  • Automated dispensing systems

  • Medication kiosks with 24/7 counseling

  • Texting to patients: refill reminders, auto-deliveries, medication tracking

  • Online chats & counseling.

Potential issues with TelePharmacy

While TelePharmacy may sound as a tremendous opportunity to expand pharmacy business into rural areas and solve some of the access to care issues, TelePharmacy – as any TeleHealth –  is prone to an array of legal issues. Below I discuss just a few of them.

Privacy and Security:  

TelePharmacy involves the transmission of personal and health-related information over the Internet. Security of information becomes a concern because it is essential to keep this huge transfer of data under control. Prior to engaging in telepharmacy, providers must ensure that they have secure communication channels, implement business associate and other confidentiality and privacy agreements, educate administrators and users regarding the appropriate use of telemedicine technologies, and analyze whether they are fully compliant with HIPAA and state medical confidentiality laws.

Informed consent:

A remote dispensing site pharmacy must obtain an informed consent from a patient using its services. Such consents must be carefully drafted and include consent to the risks of TelePharmacy, including delays, equipment failures, and possible security breaches.

Malpractice Insurance:

There is a widespread assumption that TelePharmacy (or any telehealth provider) – may potentially be exposed to increased malpractice risks, particularly in matters of procedure and duty of care concerns. Pharmacies involved in a telepharmacy arrangement should ensure that a professional liability insurance policy is in place and actually affords coverage for telemedicine services. If your policy is silent on telepharmacy or telemedicine, seek a written confirmation.

Reimbursements:

Some third-party payors may be unfamiliar with regulations and business aspects of TelePharmacy and may deny certain claims coming from dispensing sites-pharmacies. There is no solid industry guidance on whether a remote dispensing site pharmacy should apply for a new contract or may bill under the same NCPDP as the supervising pharmacy.

In addition, TelePharmacy arrangements are not immune from Anti-Kickback and False Claims enforcement. Anti-kickback laws provide that it is a criminal offense to knowingly and willfully offer, pay, solicit, or receive any remuneration to induce referrals of items or services reimbursable by any federal health care program. In the context of TelePharmacy, such issues may arise in discounted or free equipment or technologies, as well as offering kickbacks to a referring site. The False Claims Act prohibits knowingly submitting or causing to be submitted false or fraudulent claims for payment or false statements or certifications to the government. In the TelePharmacy context, if a pharmacy is not complying with all state regulations on proper operation of a remote dispensing site, it may subject itself to false claims enforcement. It’s beyond the scope of this post to delve into anti-kickback laws and false claims act enforcement in the context of TelePharmacy – it should be a subject of a completely new (and a lengthy) post.

While Telepharmacy may positively impact access to care in California, providers should scrutinize legal and business sides of the arrangement and take extreme care when applying for a permit for a remote dispensing site. During the operation of a remote dispensing site, pharmacists should prioritize record-keeping for both sites (dispensing and supervising), assuring compliance with state and federal laws for both locations.