Health Law 2.0 Session at Health 2.0 Spring Fling - Boston

Health Law 2.0

The Health Law Session at Spring Fling 2012 - Health 2.0 Matchpoint Boston

Storified by David Harlow � Wed, May 16 2012 15:09:42

On Monday, May 14, 2012, The Health Law 2.0 session kicked off Health 2.0's Spring Fling in Boston. Some tweets from the session will give you a taste of the issues we discussed: telemedicine; fraud and abuse; privacy, security and data breach notification rules under HIPAA and HITECH; regulation of mobile health apps by the FDA and other agencies.  We packed a lot into a one-hour session and enjoyed engaging with the attendees on these issues.

First, the advance press:

David Harlow will be speaking during our special Health 2.0 Law session in Boston. First, he answers some... http://fb.me/1wskzX0YpHealth 2.0

And then the tweets from the session itself:

Getting started with Health Law 2.0 at #health2con. Ft @healthblawg. @boltyboy notes that startups don't always understand the rules/regs.Nate Osit

No PowerPoint slides in opening legal talk - gutsy move :) #Health2ConAccessMD

Patient initiatives- how do we reach patients who live in rural areas, have rare conditions, and others? #health2conNate Osit

Karie Rego kicks off Health Law 2.0 @ #health2con w quick overview of #telehealth issuesDavid Harlow

@healthblawg live tweeting while on the panel. Health 2.0 at its finest! #health2conNate Osit

When it comes to the law, prevention is the way to go. - Jack Eiferman #health2conHealthcare Heroes

Brian French of @NixonPeabodyLLP talks about the Antikickback Statute #health2conHealth 2.0

Rego gave an amazing case for the rarity of experts in the MD community, particularly in pediatric care. Huge motivator for us! #Health2ConAccessMD

Q- how can you incentivize without getting in trouble? A- Define purpose, avoid incentivizing HHS service utilization. #health2conNate Osit

More you can document up front, the better. Define mission, scope, services. Reduces risk. #health2con #healthlawForerun, Inc.

Health Law 2.0: Pay people to get better. Sounds good but fraud and abuse laws could make that challenging. #health2conHealthcare Heroes

HealthLaw2.0 takeaway - Document early, review federal safe-harbors, and review state laws #health2conChristopher Carter

David Harlow - medicine used to take place in the hospital ... Now it happens in your phone #Health2ConAccessMD

@healthblawg discussing regulation of mobile apps. Will FDA regulate apps, EHRs, mobile health space? Seems to be moving there. #health2conNate Osit

RT @NateOsit: Apps that connect/replace med devices may be subject to regulation or review by FDA. #health2conElin Silveous

RT @NateOsit: Got something new? That'll be 2 years and $2mil. Improving something? That'll be a couple hundred K and 6 months. #health2conHealth 2.0

Jack Eiferman: Is there a crosswalk that explains everything? The answer is no #health2conHealth 2.0

#health2con kickback statutes falsely named: it felonizes other industries' typical vendor-client relations (dinners out, etc) in some casesDon Fluckinger

#health2con #HIPAA Understand what kind of info you're handling: PHI vs PII (personally identifiable info) and neither (user generated)Don Fluckinger

RT @health2con: Rego: Work with companies that mirror your level of risk #health2conHealthcare Heroes

Dan Orenstein's tips: encrypt data, deidentify information, use a standard business associate agreement #health2conHealth 2.0

Even if you aren't hipaa-regulated, it can be a huge advantage to build as if you were #Health2ConAccessMD

@athenahealth resistant to encryption of data at rest. Worried about performance issues. #health2con #healthITNate Osit

#health2con Good health law panel. Succinct and informative.Joe Cross

Great session on Health 2.0 law! Summary- even if you're not covered by #HIPAA, act as though you are. #health2conForerun, Inc.

Standing room only in this pic! RT @healthblawg: Health Law 2.0 audience ... #health2con http://lockerz.com/s/208987090Mike Sevilla, MD

We got some follow-up press as well, from the in-house organ and others ...

Health 2.0 Law: What is and isn't in writing. Recap of panel at #health2con | Health 2.0 News http://bit.ly/JjRZyGHealth 2.0

Interesting RT @EHRIntel: What does safe harbor mean for health IT? http://bit.ly/JsCMgR #health2con #healthIT #healthLawColin Hung

Docs should be wary of anti-kickback laws when implementing HIT - FierceHealthIT: http://bit.ly/L74FFBJohn G. Self

For the rest of the tweetstream from the Health 2.0 Spring Fling: 

FROM THE BLOG Health 2.0 Spring Fling 2012 Tweetstream, Starting with Health Law 2.0 http://goo.gl/fb/F1M4NDavid Harlow

David Harlow
The Harlow Group LLC
Health Care Law and Consulting 

Health 2.0 Spring Fling 2012 Tweetstream, Starting with Health Law 2.0

Health 2.0 Spring Fling comes to Boston this week.  The pre-conference code-a-thon is already history. I'm going to help kick things off with a Health Law 2.0 session on Monday.  For those who'd like to follow along at home Monday and Tuesday, here's the tweetstream; the hashtag is #health2con.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting 

In the press recently - Health care law and policy issues ... & some upcoming conferences

Here's a sampling of some recent press, touching on the diversity of issues that I've been dealing with these days:

Supreme Court Hears Arguments on Health Reform Law, Nation Awaits Decision  We're counting down to a decision in late spring/early summer ... and I read today that oddsmakers are giving the law's opponents a slight edge.

Smart Social Media Policy for Healthcare  I've been working with health care providers on social media issues from a variety of perspectives; this article from Monster.com is focused on the employment-related issues that arise from health care organizations' employees' use of social media.  

Health Law 2.0: Data exchange spurs HIT compliance challenges  I'll be chairing a Health Law 2.0 panel at the upcoming Health 2.0 Spring Fling in Boston; the pace of change in this arena continues to be rapid, and the question is always how to fit innovation within the regulatory structures unique to health care.

I look forward to seeing old friends and new at Health 2.0 in Boston.  

While we're on the subject of conferences, I'll mention just one more: I'll be speaking at Medicine 2.0 in Boston this fall, and HealthCamp Boston will take place the day before: September 14.  Please hold the date for HealthCamp -- whether or not you'll be attending Medicine 2.0 -- and let me know if you'd like to help organize (or sponsor) this unconference.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting 

 

Nothing About Me Without Me - Participatory Medicine, Meaningful Use, and the American Hospital Association

Meaningful Use Stage 2 regulations were released in March by CMS and ONC.  Over the past month or so, I've been working with other members of the Society for Participatory Medicine (thank you, all) to prepare comments on these regulations from the patient perspective.  Last Friday, we filed two comment letters on the proposed regulations. One letter to the ONC on Meaningful Use Stage 2, and one letter to CMS on Meaningful Use Stage 2. Each letter opens like this:

The Society for Participatory Medicine applauds the work done to date in focusing on patient engagement in the proposed Stage 2 Meaningful Use regulations and the proposed Health IT Standards regulations.  It is our hope that the final requirements will be even stronger and more focused in this regard than the current drafts. As set forth in greater detail in the attached letter, we have a number of comments that we believe will improve the regulations and their use as a lever to improve patient experience, patient engagement, patient care and, ultimately, patient outcomes. We would like to highlight two in particular:

• We favor improving the likelihood that patients will access their data by allowing for some automation of the process of accessing and downloading patient data, using existing technologies that protect patient privacy and security.
• We also favor immediate patient access to information in the patient’s electronic health record – unless the patient has elected otherwise.

The overarching principle with respect to patient access to electronic health record data running through the entire meaningful use regulation and the health IT standards regulation should be:

    “Nothing about me without me.”

The Society for Participatory Medicine has individual and institutional members nationwide and has a governing board comprised of both clinicians and patients. It was founded to study and promote participatory medicine, which we define as being centered on networked patients shifting from being mere passengers to responsible drivers of their health, and providers who encourage and value them as full partners. For further background on the Society and its activities, we invite you to see the Society’s website (http://participatorymedicine.org), its online journal, The Journal of Participatory Medicine (http://jopm.org) and its blog, e-patients.net.

Comments are being accepted through Monday May 7, 2012.

I invite you to read the Society for Participatory Medicine press release, Participatory Medicine Society Urges Quick Patient Access to Medical Information, outlining the Society's stance on the issue, and the recent posts on the Society's blog, e-patients.net, explicating the SPM Meaningful Use Stage 2 comment letters a little further, and putting them in context -- in particular, juxtaposing them against the American Hospital Association comments calling for a 30-day delay in patient access to information once it's in their EHRs.  (The proposed rule calls for up to 36-hour and 4-business-day delays, depending on context, and the SPM comments call for immediate access.)  Technologically literate commentators, including Fred Trotter, take issue with the AHA's view that 30 days are needed to respond to a request for an EHR.  (Fred's post says a lot more -- check it out.)  

Finally, take a few moments to consider Regina Holliday's comments on the proposed rules, filed in the form of a slideshow featuring her paintings:

Long Stories: The Story Of Meaningful Use and Why the patient voice matters..

David Harlow
The Harlow Group LLC
Health Care Law and Consulting  

Monetization or medicine? Tracking organ donor status on Facebook

Facebook has announced a new box you can check off on your profile: organ donor. (It's available in the US & UK so far, for a total of almost 200 million members; more countries in the works.)

What does this mean and why should you care?

At bottom, this means that Facebook is adding yet another data point to the myriad bits and bytes it already has on so many of us (What's your birth date? Have you ever broken a bone? etc.), which it slices and dices in order to target ads and sell to third parties (and flog news of its upcoming IPO). Checking off the organ donor box on Facebook doesn't make you an organ donor (you need to register with your state DMV), but serving up easy links to organ donation registration sites and motivating registration by showing that friends have registered (or at least checked the box) -- i.e., "norming," in the parlance of BJ Fogg, as quoted in the NY Times piece linked to above -- is likely to increase donor registration, and to increase family awareness of the choice at (or, preferably, before) the time when family members are called upon to carry out the wishes of a donor.

If you are spooked by the idea of Facebook having this information about you, I would ask whether you make your birth date visible on Facebook. I don't; revealing birth date makes identity theft that much easier, and I'm more spooked by that possibility than by the prospect of everyone on Facebook knowing my organ donor status.  I am not concerned (as some are) about someone making the decision to treat me as nothing more than a vessel for donated organs, and I think that it should be possible to strike a balance between a good death and preserving organs for transplant. 

Anything we can do to legitimately increase the supply of organs for donation is a good thing -- too many people languish and die while waiting for an organ.  My problem with this solution is that it is as much about Facebook as it is about organ donation.  While I would expect donor numbers to go up as a result of this initiative, the numbers are not likely to be too significant, because implementing the choice to donate organs requires doing more than clicking something on Facebook -- it requires going through all the steps necessary to memorialize an organ donation in the real world.

I would like to see Facebook using its muscle to lobby for a presumed consent law -- meaning that in the absence of formal directives to the contrary, the presumption should be that a person has consented to organ donation at the appropriate time, reversing the presumption now in effect in this country.  The company has taken an interesting first step, and it will be interesting to see if it pursues this issue beyond the limits of its own pages and monetization strategy.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting  

HealthCare SocialMedia Review #2: The Privacy and Security Edition

Welcome to the latest edition of the HealthCare SocialMedia Review, the blog carnival that's all about health care social media. Today we take a look at some of the privacy and security issues relevant to the medium, and at some other current and topical posts from around the blogosphere. But first, pour yourself another cup of coffee, put your feet up, and have a listen to a lighthearted ode to an emblem of secrecy from an earlier age:

Tell some folks you have a secret, and they'll be all over you, cajoling it out of you.

When my late grandmother was an irrepressible little old lady in her late 90's, she would chat people up wherever she met them, and folks would invariably ask her how old she was.  She would smile and respond: "Can you keep a secret?"  As her next victim leaned in, nodding his or her head, she'd let loose the zinger: "So can I."

Responsible users of health care social media understand that a juicy anecdote can make a point far more effectively than a dry textbook recitation of facts and figures, but we also appreciate the need to make sure, sometimes, that "the names have been changed to protect the innocent," the need to keep some things secret.  This imperative exists in a relationship of dynamic tension with the need to share information in order to promote better understanding of disease and health at both the individual and population level.  Neither is an absolute; both need to be observed, and each has its exceptions. Welcome to the exciting world of health care social media!

Last week marked the first edition of the TEDMED conference in its new home, and one of the TEDMED talks highlighted this tension by essentially posing the question: Would you join the Facebook of medicine?  Leslie Saxon wants to "get 8 billion heartbeats on speed dial" via everyheartbeat.org, bringing the Quantified Self movement to everyone, and her message was heard loud and clear across the pond by 3G Doctor, who blogged about her talk.  

Phil Baumann finds the prospect to be creepy.  

Mark Browne has another take on the QS approach, and the way in which patients may need to be engaged in their health care, inspired by a Google Street View car sighting.  (Let's assume the Google Street View car isn't listening in on patient data transmissions, though.)

Regina Holliday was at TEDMED too, sharing the action through her painting, and she gives voice to her art on her blog; a painting of hers from this conference is explicated through a post about spit. (Disclosure: The HealthBlawger is a member of The Walking Gallery.)

It's nice to see a new generation grappling with the issues raised by the use of social media in medicine. Medical student Emily Lu has a post up at KevinMD.com on the ethics of social media use in medicine -- she offers more questions than answers, but the questions are key ones that demand our attention. As we work towards answering these questions for a new generation, an older generation (not that old), in the person of Bryan Vartabedian, says that when it comes to doctors and social media, the sky is not about to fall anytime soon. 

Physicians and patients are often the focus of discussions about health care social media, but other health care professionals are, of course, using these tools as well. Barbara Ficarra highlights their use by nurses, and calls attention to a nursing tweetchat (#APRNchat ... not to be confused with #RNchat).

Most of you have probably heard of Pinterest by now, and maybe some of you are using this platform. Marie Ennis O'Connor points out the good and the bad, and suggests (man, I love having a non-lawyer say this) actually reading the Terms of Service.  

For anyone considering dipping a toe in the health care social media waters, a top-of-mind question is always: Is it worth the time and effort?  At Walking the Path, Fard Johnmar suggests that ROI isn't the right metric, and that there are other ways to measure the full economic benefits of digital health content.

Pharma has a continuing love-hate relationship with social media, and last week, Boehringer US posted social media guidance for employees -- on YouTube.  Kinda cheesy feel to it, IMHO, but it distills it all down to four points: (1) You are responsible for your behavior, (2) Understand the tools, (3) Think about your audience and (4) You are our eyes, ears, and voice. 

If we're looking for succinct, accessible policy statements on the use of health care social media, then personally, I prefer the 12-word social media policy of Dr. Farris Timimi, Medical Director of the Mayo Clinic Center for Social Media (disclosure: I'm on the Center's advisory board):    

• Don’t Lie, Don’t Pry
• Don’t Cheat, Can’t Delete
• Don’t Steal, Don’t Reveal

(You might also want to check out this old chestnut, from Dan Hinmon of Hive Strategies and your humble HealthBlawger: 9 No-Nonsense Rules to Ensure a HIPAA-Compliant Social Media Strategy.)  

Responding in part to the FDA's issuance of incredibly limited social media guidelines, Laurie Gelb offers some thoughts on a way forward for pharma and social media on The Health Care Blog.

While we're on the subject of social media guidelines, be sure to check out the HIMSS social media workgroup white paper posted on the HIMSS blog with a call for comments and a nod to Lee Aase, Director of the MCCSM.

Aside from the do's and don'ts, U.S. health care organizations need more work in the whys and wherefores department.  A recent study shows that in the US of A, health care organizations use social media mostly for marketing, unlike their counterparts in a number of other countries, where use is more focused on communication -- among providers or otherwise. (Of course, our market-based health care economy may have just a little bit to do with that focus, no?)

Speaking of the market ...  "Free" is never really free, and we pay for some online tools by exposing ourselves to ads.  Context-sensitive ads based on health content are cause for concern over at David Williams' Health Business Blog.  This brings to mind the new Google privacy policy, which says the 'plex has a hands-off policy when it comes to "sensitive personal information," including "confidential medical facts" (gosh, did a lawyer write this policy?) -- but we've seen this movie too, in an earlier NY Times piece about Target and, well, targeting.

Finally, please consider the relationship between the government and social media tools. Just as social media has lowered barriers, geographic and otherwise, between physician and patient, and among collaborators, so, too, has it lowered barriers to engagement with those elected and appointed to serve in our nation's capital.  Let's examine the activity related to Federal stimulus dollars focused on health care, as an example. First, the government, in the form of ONC, is blogging about state health information exchange grantees taking part in the ONC consumer innovation challenge. (See more about the ONC and consumer/patient engagement courtesy of Nikolai Kirienko.) Second, there are numerous tools to use in analyzing the proposed regulations on Stage 2 of Meaningful Use of Electronic Health Records (e.g., bookmarked regs and comparison chart shared socially) as well as exhortations to comment on the proposed regs (you may sample a few courtesy of Dave Chase, Brian Ahier and Project Health Design), tools to use in commenting officially and unofficially, and tools to be used in aggregating comments so that they may be filed officially (hat tip to Nate Osit), which have been shared socially. This is so very different from the bad old days of the Pony Express, which is what we used to communicate with Washington when I was starting out in practice. (Not really. Just checking to see if you're still awake.)

Gentle reader: You did it!  This is the end of the line. Thanks for riding with us this week on the HCSMReview Express.  In the immortal words of Michael Dukakis, speaking about the run for the White House (not about enduring this lengthy edition of HCSMR), It's like running the Marathon (and yes, the Boston Marathon runners did wend their way through my leafy suburb on Monday, as they do each year). We hope you come back and try it again. 

HealthCare SocialMedia Review has information about the next edition (which will be up in two weeks' time) and instructions on how to submit your posts for review in future editions. 

David Harlow
The Harlow Group LLC
Health Care Law and Consulting 

Call for Submissions: HealthBlawg Hosts HealthCare SocialMedia Review #2 Next Week

Ladies and gentlemen, boys and girls, the floodgates are open: Please submit your posts for the upcoming sophomore outing of HealthCare Social Media Review -- the blog carnival for health care social media, featuring the most recent fortnight's crème de la crème of blog posts on the topic. (Follow the link for submission instructions via web form or via email to david AT harlowgroup DOT net.)  

We'll focus on privacy and security issues, but other topical submissions are welcome as well.  Just get everything in by 6 pm ET on Monday April 16 (earlier, if you'd like to be kind to your humble HealthBlawger).

Through the alchemy of the interwebs, the posts you submit will be transformed into golden flax, woven together into a seamless thing of beauty -- and you will count yourselves lucky to read it right here next Wednesday morning, April 18.

Tell your friends and neighbors, and we'll reconvene at HealthBlawg just a few short days from now . . . for the one, the only, HCSM Review #2.  

Be there! Aloha!

David Harlow
The Harlow Group LLC
Health Care Law and Consulting  

Context-Relative Informational Norms – Buzzword or Paradigm Shift?

A piece in The Atlantic highlighting Helen Nissenbaum’s approach to privacy has been whipping around the twittersphere over the past couple of days.  The breathless tone of the piece is a little off-putting, but the content, at first glance, is intriguing:

Nissenbaum argues that the real problem "is the inappropriateness of the flow of information due to the mediation of technology." In her scheme, there are senders and receivers of messages, who communicate different types of information with very specific expectations of how it will be used. Privacy violations occur not when too much data accumulates or people can't direct it, but when one of the receivers or transmission principles change. The key academic term is "context-relative informational norms." Bust a norm and people get upset. 

However, after reading this piece (and, admittedly, not having read Nissenbaum’s academic papers), the contention that this is the first and last word on the question of context-sensitive privacy and sharing -- “What you tell your bank, you might not tell your doctor.  What you tell your friend, you might not tell your father-in-law.” -- rings hollow for me (as it has for the Wall Street Journal Ideas Market blog, as well). 

A whole 'nother issue is the issue of whether norms have any lasting value: How long before today's privacy norms -- even assuming there are some shared norms in this arena -- are replaced by tomorrow's norms?  (On a related note, even the status of evidence-based medicine as a gold standard for guiding clinical practice has been questioned; contrarians hold that personalized medicine for an individual may require approaches that run counter to EBM as proven out over a population.)

Facebook and Google+ tout their context-sensitive sharing tools, which allow for limited sharing of posts to segmented audiences, and most of us understand that we barter personal data for the “free” services they provide; furthermore, this barter exchange usually benefits us as individuals as well -- we get better-targeted messages online as a result.  I would certainly prefer to see Facebook and Google+ be a little more transparent about their use of personal data, and other sites and services also need to be transparent.  At least some folks out in the wild are pretty sophisticated about their wants and needs when it comes to health care social media privacy and security, and I’m just not sure that we need a new paradigm fueled by jargon from the ivory tower -- though perhaps further inquiry would lead me to conclude otherwise.  

In the health care and health care social media context, we all need to be aware of our own needs and desires concerning sharing of personal information, and we all need to be aware of the ways in which personal information is shared and used, and re-shared and re-used, by the platforms and repositories that we use.  Armed with this knowledge, we can work to establish our own context-sensitive norms, and work to ensure that they are honored.

Many users of social media tools for health care purposes have already internalized context-relative informational norms that must be layered on top of existing privacy and security concerns unique to the health care arena.  To those who have not: the HealthBlawger hopes that this post will alert those who have not to avail themselves of the plethora of resources available to them: other health care social media privacy and security content here on HealthBlawg, the Mayo Clinic Center for Social Media (disclosure: I sit on its external advisory board), among many others -- please share any favorites in the comments. These resources should help folks fine-tune individual and institutional approaches to the use of these powerful tools.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting

Pay For Performance and HCAHPS

"There's nothing better at incenting than money."

Setting aside for a moment the mangling of the English language in this quote (see the full article on HCAHPS and P4P), we can probably agree that financial incentives are often a reasonable way to evoke desired behavior change.

At the moment, we're talking about providing care in a way that evokes favorable responses by patients on the HCAHPS questionnaires. Hospitals that have been attentive to patient satisfaction matters -- as measured by HCAHPS -- will be the winners; others, the losers, in the Medicare zero-sum-game of value-based hospital reimbursement.

We love, love, love metrics. We think that if we dole out financial rewards based on metrics, then health care will be improved. So we've developed about 1,000 quality measures (see National Quality Forum (NQF) measure list), and we ask providers to track performance on too many of them, on the theory that you cannot manage what you do not measure -- an aphorism with truth to it, but folks, we have run amok with measures.

Since we don't track all 1,000 all at once, we end up focusing on the dozen or so metrics in front of us at any given time, and other things fall off the table. 

I would love to see six or eight ur-measures that are predictive of quality across a broad spectrum of issues. I've had the opportunity to discuss this and related P4P issues with some leaders in the field, and offer for your listening (or reading) pleasure (well, OK, it's subjective ...) interviews I've done with Leah Binder of the Leapfrog Group, Don Berwick before he went to work for Uncle Sam and Cyndy Nayer & Wayne Burton of the Center for Health Value Innovation.

So what do you think about pay for performance?

What works? What doesn't?

If you were king/queen of P4P, what would you do?

David Harlow
The Harlow Group LLC
Health Care Law and Consulting    

 

Health Insurance Exchange Regulations and the Health Reform Challenge

The federal Health Insurance Exchange regulations were released in final form last week.  (See Timothy Jost's précis on the Health Affairs blog and HHS presser.)  

I had the opportunity to hear Pennsylvania Insurance Commissioner Michael Consedine speak in Philadelphia about his state's progress towards building an exchange the very next day (I was speaking later on the program). Pennsylvania is one of the 26 states challenging the federal health reform law (and even has a state constitutional amendment afoot that would bar implementation of the individual mandate in PA), but that hasn't stopped the Keystone State from spending a $1 million planning grant and getting a $33.8 million implementation grant to kick their state health insurance exchange into high gear. (Nothing like playing both sides, eh?)  

Now that the regs are final, Pennsylvania and the rest of the states had better get cracking, because they are all supposed to have functioning exchanges by January 1, 2014.  The next step would for the federales to give the high sign that they are on track by January 1, 2013 by confirming that they meet the requirements of the "Exchange Blueprint" (which seems less prescriptive than "Plan"); if they don't, or Uncle Sam says their plans aren't up to snuff, then the feds are to step in and run the state exchange. Interestingly, state-level exchanges may be run by the feds (i.e., HHS) "directly or through agreement with a not-for-profit entity." 45 CFR 155.105(f). While some detail is offered about state-chartered not-for-profits that may run exchanges on behalf of states, regions within states, or groups of states (though given current insurance marketing rules and practices that are state-specific, multistate exchanges seem yet to be a pipe dream), no detail is offered about this potentially very important not-for-profit -- after all, there could theoretically be a single not-for-profit entity operating most state-level exchanges come January 2014.  Furthermore, a state-run exchange may contract out its operations in whole or in part to a private entity "that has demonstrated experience on a State or regional basis in the individual and small group health insurance markets and in benefits coverage" and is not a health insurance issuer. 45 CFR 155.110.  It will be interesting to see which of the usual suspects move into this new market opportunity.

Given the late date of the final regs relative to the January 1, 2014 compliance date (which is statutory), I'm thinking that Uncle Sam will be running a whole bunch of state health insurance exchanges, at least for a while.  On the one hand, January 2014 isn't exactly around the corner; on the other hand, we're talking about state bureaucracies that will either have to make or buy exchanges, and both state procurement and state hiring systems may well be described as byzantine.  Not to mention the fact that many states haven't even passed the legislation necessary to establish this new state function.  Or that many are hanging back pending the Supreme Court review of the health reform law. 

Massachusetts won't be one of those making or buying this time around, of course, since it already has an exchange (we call it the Connector) up and running under the Massachusetts health reform law. The grandfathering language in the draft regs has survived (45 CFR 155.150), so folks here in Boston won't have to tweak the Connector to comply with federal requirements, at least initially. A state with an exchange up and running since January 1, 2010, and having at least the percentage of its population covered as CBO estimated in March 2011 will be covered nationally under the ACA in 2016 (95%) may continue to run its own exchange, but will need to work with HHS to determine whether there are any areas onf noncompliance with the federal exchange regs, and work to rectify them.       

As I wrote when the draft health insurance exchange regulations were released in July:

Stepping back from the details, the naysayers will say that the state subsidies built into the exchange for eligible residents will break the camel's back -- universal coverage is a pipe dream we can't afford.  The counter-argument, of course, is that we can't afford widespread uninsurance.  

A question that remains is whether we can afford widespread underinsurance. While this set of regs is certainly long, it is not comprehensive.  About half of the reg is dedicated to matters of eligibility and enrollment.  A couple of key issues have been deferred, including the definition of the "essential health benefits" that must be offered by a "qualified health plan" or QHP -- i.e., any health plan that hopes to be listed on a state exchange. The idea is to have that set of benefits determined by reference to the local (i.e., state-level) "typical plan," which may mean the plan with the most subscribers. Carried to a logical extreme, this approach to defining QHP, while certainly respectful of market differences state to state, could end up undercutting the goals of the ACA by establishing what may be a very low threshold for coverage. This sort of state discretion runs through other aspects of the rule as well; it is not all command-and-control.

As insurers prepare themselves for working with exchanges, they must also prepare themselves for the realities of guaranteed-issue policies based on community rating and no pre-existing condition exclusions. The final regs addressing these issues for the transition period of 2014-2106 and beyond were also issued last week -- the three "R"s: Reinsurance, Risk Corridors and Risk Adjustment; read more about them here. One note on the final reg: calculation of plans' risk scores will be handled by the plans and not by the federales (thanks to comments by Congressional Republicans concerned about government holding the private health data needed for these calculations), which may introduce opportunities for disputes, and certainly reduces opportunities for some big-picture, big data trend analysis in the future.

As January 2013 approaches, some states will be working hard to demonstrate their readiness to comply with the Exchange Blueprint, while others hold back, with one eye on the Supreme Court and one eye on the Congress to be elected this fall. While the regulations allow for a varied patchwork of state exchanges, it seems likely that we will see greater uniformity across the country, with many, if not most, exchanges run -- at least initially -- by the federales or a federal contractor.      

David Harlow
The Harlow Group LLC
Health Care Law and Consulting