1 / 33

Managing Emerging Technology In Healthcare

Managing Emerging Technology In Healthcare. Moderator : Pamela Labaj, Senior Counsel, Panasonic Panelists - Thomas Strachan: VP, Legal, Compliance, Payor Relations, Preventice Solutions Group - Brandy Canady: Assoc. General Counsel, Contracts & Transactions, Presence Health

noemib
Download Presentation

Managing Emerging Technology In Healthcare

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Managing Emerging Technology In Healthcare Moderator: Pamela Labaj, Senior Counsel, Panasonic Panelists - Thomas Strachan: VP, Legal, Compliance, Payor Relations, Preventice Solutions Group - Brandy Canady: Assoc. General Counsel, Contracts & Transactions, Presence Health - Jerry Kolosky: Senior Healthcare Advisor, Panasonic - BeniSurpin: Partner, Foley & Lardner LLP

  2. Managing Emerging Technology in Healthcare SUMMARY INTRO Medicine is a science and thus is data driven Collection, analysis and use of data is essential to enabling appropriate diagnosis, treatment, prevention and cure of disease for patient and populations Emerging technology is enabling unprecedented changes at a record pace in all aspects of healthcare: delivery of healthcare improvements in patient outcomes with reduced costs introduction of incentives and penalties to effectuate desired migration from a fee for service model to a value based reimbursement solution involvement of patients with their own data collection accelerated communication of increased quantities and quality of health-related data between patient and physician, physicians (EMR/EHR), providers, payers, across the ocean(s), etc. expanded and multi-locational storage of and access to health-related data

  3. Managing Emerging Technology in Healthcare SUMMARY(continued) Data privacy and security is a critical concern to providers, payers, patients and regulators (U.S. and OUS) Ever increasing need for international expansion vs. conflicting or varying data privacy, IP and related individual country regulations Rapidly Emerging Technology in Healthcare Telemedicine technology option designed to improve patient health, throughput and patient satisfaction includes two-way, real-time and near real-time interactive communication between patient and physician decreases costs associated with traditional F2F provision of medical care requires appropriate hardware, software, workflow and clinical/practitioner integration Medical Devices – hardware (FDA, CE, FCC, etc.) Remote diagnostic cardiac monitor (safety, functionality, design control) External (Holter, cardiac event, mobile cardiac telemetry) Internal (implantable)

  4. Managing Emerging Technology in Healthcare SUMMARY(continued) Software device (algorithms) client or cloud-hosted applications (location of server/data access points) services (remote cardiac monitoring services) mobile applications (end-user centric) sharing of patient data (across-borders)

  5. Managing Emerging Technology in Healthcare CHALLENGES No workable plan to migrate from emerging technology to consistently useful, cost-efficient output for patients, physicians Limited and reactionary collaboration between interested parties Danger of short-term thinking in a healthcare world currently evolving around emerging and inherently limited life technology rapid obsolescence of devices (hardware) and software creates obstacles to long-term planning and risk management Healthcare system currently lacks workable/scalable legal and compliance best practices system does not yet cause or enable medical device manufacturers, software developers, providers, sub-providers, payers, regulators, etc. to be on the same page about emerging technology, costs, value-based reimbursement (codes, payment, etc.), use and related guidelines Limitation of laws, regulations (FDA, FCC, CMS, HIPAA, etc.) Gaps and inconsistencies in varying medical reimbursement policies creating obstacles and confusion

  6. Managing Emerging Technology in Healthcare CHALLENGES (continued) Increasing threat of data breaches, hackers, phishing, ransomware need for privacy and security of patient data (e.g. medical devices, software, international implications) create potential roadblocks Varying and inconsistent regulations, policies and organizational expectations related to necessary and required protection for patient data Reimbursement/Payment Data Disconnects Technology has sped past reimbursement structure Medicare/private payer prohibitions related to patient data access/use need for increased education of payers by certain technology/services providers (investigational/experimental) inadequate direct involvement of practitioners with payers Limited Workable/Scalable Guidelines for technology, data security, reimbursement/payment, etc. Intellectual Property Obstacles sole/joint ownership challenges (i.e. cloud-based platforms deliverables when dealing with source code) international implications for use of emerging technology OUS

  7. Managing Emerging Technology in Healthcare SOLUTIONS (macro: system-wide) Foster pro-active communication, education, collaboration between all interested parties despite varying motivations create mutually beneficial environment for consistent development and application of clinical guidelines, protocols, medical policies, reimbursement standards Enable greater data predictability to allow for improved day to day analysis/response Redirect focus towards “big picture” data collection solutions data collected should be most relevant, most reliable – for proper diagnosis, treatment and for predictability analysis include viable, measurable data points – reduce admissions and readmissions for patients and populations push for review/revision of existing federal, state, international regulations – accommodate existing data privacy concerns and allow for expansion to predictable future environments

  8. Managing Emerging Technology in Healthcare SOLUTIONS (micro: organizational/enterprise-level) Design appropriate processes to consistently identify, mitigate risk create and communicate appropriate risk assessment and incident response guideline train, test, retrain, ensure compliance facilitate expedited means to make necessary changes to policy Create environment of collaboration between Legal and IT include Legal/Compliance Groups early and often at front end of business discussions/decisions related to uses of technology foster continued open lines of communication between groups ensure appropriate data integrity, privacy, security Require collaboration between varying providers and partners review existing EMR/EHR systems create workable, scalable standards Be prepared to have difficult discussion about privacy, security, data liability (OUS), shared IP rights, costs, reimbursement

  9. Managing Emerging Technology in Healthcare SOLUTIONS (micro: organizational) Understand and monitor IT and network risks AND review insurance coverage ensure insurance policy includes adequate “cyber insurance” to protect organization from data breaches, network security failures, etc. – beware of exclusions! conduct cyber risk assessments, incident response planning Communicate and educate Board of Directors to relevant technology changes in healthcare, regulatory landscape, applicable risks, proactive solutions, mitigation, etc. be proactive, fiduciary duties, director liability Revise contract forms as necessary to include reasonable T&Cs Expedites negotiations Seek and engage knowledgeable and experienced business partners outside counsel, IT/security, audit, experts

  10. Digital Health & Consumption

  11. Emerging Care Delivery Model Telemedicine cart/robot Patient Portal & App Wearable/Monitoring Device

  12. limited FDA regulation encourages innovation • Degree to which developer(s) can shift liability • accuracy/reliability of warranties regarding effectiveness/efficacy; evidence-based representations • liability may extend outside stream of commerce Provider Liability for Mobile & Emerging Health Technology • HIPAA regulatory enforcement • increasing FTC activity in assuring privacy/security of health care services • private right of action under state law • interactions with other systems & products • right to data • institution’s vicarious liability for a provider’s actions • nexus between patient and provider • provider’s engagement with a specific patient’s case • Prevailing standards of care for prescription/recommendation (or lack thereof) of apps/devices

  13. Integration of New Technology

  14. Contracting for Security* *See “Buying IoT Technology: How to Contract Securely, Merker, Nicholas R., Law360, June 17, 2016 (available at: http://www.law360.com/articles/808010/buying-iot-technology-how-to-contract-securely)

  15. An Opportunity for Transformation An unsustainable system must either change, or break down Aging societies & the “Tectonics of Demography” Example: Retirement of Baby Boomers 80% of age 65+ suffer from one or more chronic conditions – as do many of the poor CCM 75% of the US healthcare spend.

  16. World Population, 60 & Older

  17. Ratio of Workers / Medicare Beneficiaries

  18. Within 25 Years, In Japan... • Seniors will outnumber children age 15 and under by more than 4 to 1 • 40% of Japanese will be 65 or older • Younger generations of Japanese face significant decline in standard of living due to the "Parent Care Tsunami"

  19. The Inevitability of Change • Pressing need for innovative models of care delivery supported by contemporary technologies • Emergence of value-based reimbursement, payer-provider alliances, & patient self-management • Healthcare transformation will require secure, networked technologies, a flexible legal & policy framework, user experience optimization & technical / workflow interoperability across the continuum-of-care

  20. A Population Health Framework • Imperatives of the “Triple AIM” • Per-Capita Cost Reduction • Improved Outcomes • Enhanced Patient Satisfaction • Chronic Care Management • Informed Care Transitions • Health & Wellness • Fusion of Clinical, Behavioral, & Social Factors

  21. State Level Policy Initiatives • Medicaid Innovation • Private Payor Telehealth Reimbursement Parity • Subsidies for Rural & Urban Broadband • State Boards of Medicine Licensing • Health Information Exchange • Community Service Organizations • Innovation Partnerships

  22. Federal Policy Initiatives • Medicare • Increased support for remote patient monitoring services in conjunction with accountable care, bundled payments and other coordinated care models • Telehealth Reimbursement for Critical Access • Lift Restrictions for “Originating Sites” (e.g. Home) • FCC Support for Broadband Expansion • Veterans Health Initiatives • Standards for HIE and Interoperability

  23. Data Monetization and Privacy/Cybersecurity Agenda • Data Monetization • Extracting Value from Connectivity • Monetizing Device Health Data • Data Ownership and PHI Restrictions • Privacy and Cybersecurity • Legislative and Regulatory Overview • FDA & FTC Regulations • Privacy Requirements and FDA Guidance • Cost of Data Breach • Guidance for Businesses

  24. Data Monetization: Extracting Value from Connectivity • Use of IoT in healthcare expected to grow to $117B revenue by 2020 • “Big Data” analytics from health care information could be worth $9 billion to U.S. public health surveillance (by improving detection of and response to infectious disease outbreaks) and $300 billion to American health care in general (McKinsey & Company Data Valuations) • BUT most organizations have yet to derive significant commercial value • More than 200 businesses created since 2010 developing innovative tools to make use of available health care analytics • Companies offer platforms to connect disparate data from across IoT devices for actionable insights (patterns, diagnoses), and turn these into revenue through productized services for external business partners and clients • Hospitals are able to run more efficiently and improve quality of care

  25. Data Monetization: Monetizing Device Health Data Areas in which health care data can be monetized: • Mobile Applications • Web Based Technologies • Technology/infrastructure – Data storage, Security and access • Expanding Data Access and Scaling Data Use • Marketing and Sales • Research • Data Analytics

  26. Data Monetization: Data Ownership and PHI Restrictions • HIPAA only applies to medical devices (as defined by the FDA) that send data directly to a covered entity: • Patients own their own Health Information • State law may assign ownership to records that contain Health Information • HIPAA does not apply for most other wearables, personal “medical” devices, and other health related platforms used by consumers: • Consumers generally own this data, but may be modified by the manufacturer’s Terms of Use • Most emerging technology Terms of Use have broad use rights for the vendor, even if they don’t change the ownership. Vendors own derivative works created from the exploitation of the licensed data • May include “social media” applications like FitBit, Jawbone, etc. • HIPAA Final Omnibus Rule (2013) restricts covered entity from selling identifiable PHI or using PHI for marketing communications without permission from the individual • But if PHI is properly sold to a third party not covered by HIPAA (e.g. data analytics company), third party may use, disclose or sell the data • Sale of de-identified PHI is permissible

  27. Privacy and Cybersecurity: Legislative and Regulatory Overview • FTC Act • FDA (FDA Guidance on Mobile Medical Applications) • HIPAA & HITECH • Children’s Online Privacy Protection Rule (COPPA) • European GDPR

  28. Privacy and Cybersecurity: FDA & FTC Regulations • FDA has power to dictate cybersecurity and privacy requirements of regulated medical devices (subject to pre-marketing and post-marketing regulatory controls) • Many devices sold directly to consumers explicitly disclaim their device is a medical device • FTC has power to hold organizations responsible for their cybersecurity and privacy practices under Section 5 “unfair and deceptive practices”

  29. Privacy and Cybersecurity: Privacy Requirements and FDA Guidance • HIPAA Privacy Rule (for Protected Health Information) • If device is a “Medical Device,” information collected is likely governed by HIPAA as PHI • FTC Section 5 (for other types of information not regulated by HIPAA) • European GDPR and restrictions on data transfer • FDA recommends medical device manufacturers proactively plan for and assess cybersecurity vulnerabilities consistent with the FDA’s Quality System Regulation • Implement core principles of identify, protect, detect, respond, and recover from NIST’s Framework for Improving Critical Infrastructure Cybersecurity • Understanding, assessing and detecting presence and impact of a cybersecurity vulnerability • Define essential performance and develop mitigations to protect, respond and recover from cybersecurity risk

  30. Privacy and Cybersecurity: Costs of Data Breach • Healthcare industry has highest cost per capita in event of a data breach • $402 compared to overall mean of $221 • However, for “consumer” wearable industry, costs are more in line with average • $218 per record • 2/3 of these costs may be “indirect” costs, including abnormal churn

  31. Privacy and Cybersecurity: Guidance for Business

  32. Contact Information Pamela Labaj Senior Counsel Panasonic (908) 377-5525 plabaj@verizon.net Brandy Canady Associate General Counsel, Contracts and Transactions Presence Health 312.308.3267 brandy.canady@presencehealth.org Thomas Strachan Vice President - Legal, Compliance & Payer Relations Preventice Solutions Group (281) 760-0500 tstrachan@preventice.com Beni Surpin Partner Foley & Lardner LLP 858.847.6736 bsurpin@foley.com Jerry Kolosky Senior Healthcare Advisor, Office of the CTO Panasonic 914.260.2001 jkolosky@igctel.com

  33. THANK YOU !

More Related