On January 5, 2022, the White House Office of Science and Technology Policy (OSTP) issued a request for information (RFI) seeking input from stakeholders and other interested parties about how digital health technologies are used, or could be used in the future, to transform community health, individual wellness, and health equity. In particular, OSTP sought information regarding successful models that have been used for strengthening community health through digital health technologies, barriers to uptake, metrics employed for measuring user experience, ideas for potential government action, and the impact of digital health technology on health equity.
Federal agencies (executive branch) issue RFIs in the Federal Register as part of formal rulemaking. Rulemaking is the process by which statutes, which are written by Congress and signed into law by the president, are codified into enforceable regulations. Once this process is complete, the newly codified regulations are published in the Code of Federal Regulations (CFR).
Standard Care issued a response to this RFI, which included a recommendation for Civil Monetary Penalty (CMP) enforcement under the Health Insurance Portability and Accountability Act (HIPAA) Security Rule and a recommendation to institute monetary incentives that encourage digital health innovation with focus on the social determinants of health (SDoH).
The costs of HIPAA compliance and CMPs levied for HIPAA violations can create a significant barrier to entry for emerging digital health firms which can, in turn, stifle innovation. Adjusting the current enforcement mechanism, which has a tiered CMP regime, can help minimize this barrier to entry on emerging digital health firms. This involves changing the current “no knowledge” Tier 1 violation to account for evidence of a firm’s good faith HIPAA Privacy and Security Rule compliance efforts. As long as a firm can demonstrate a good faith effort, Security Rule violations that do not result in the unauthorized disclosure of protected health information (PHI), should have CMPs waived. Our amended enforcement mechanism has the potential to either significantly eliminate or reduce CMPs for firms that proactively implement proper controls for Security Rule compliance.
Federal grants and monetary incentive programs designed to promote the use of digital health services for healthcare targeting the SDoH should amend the current definition of “Telehealth services” to incorporate terminology that properly accounts for all relevant digital health firms. A more accurate and encompassing definition should include adjusted phasing, such as “virtual-first” or “digital-only” patient education and "AI-assisted solutions." Using a more encompassing definition for “Telehealth services” helps to ensure that the growing market of digital health firms which do not fit into the traditional definition, yet provide relevant services, are not excluded from participating in federal grants and incentive programs and can continue their vital contribution to healthcare innovation.
RFI: https://www.regulations.gov/document/OSTP-2022-0001-0001
Sign up for occassional updates.
