SCOTUS Upholds TikTok Ban: Implications for Digital Marketing and Emerging Platforms
The United States Supreme Court unanimously upheld the Protecting Americans from Foreign Adversary Controlled Applications Act (the “Act”) – more commonly referred to as the TikTok Ban – and rejected TikTok’s arguments that the Act violated the First Amendment. While the ultimate fate of TikTok’s U.S. operations remains uncertain, the Supreme Court’s ruling has clear implications for digital content and marketing professionals and their selection of platform strategies going forward.
In a per curiam opinion published today, the Supreme Court recognized its long-standing tradition of exercising caution when deciding cases that involve “new technologies with transformative capabilities[,]” and resolved the narrow question of the tension between the First Amendment and the potential risks associated with foreign adversary control over data collection from U.S. citizens. The Act makes it unlawful for any entity to provide certain services to “distribute, maintain, or update” a “foreign adversary controlled application” in the United States, which explicitly meant TikTok and its parent company, ByteDance Ltd. The Supreme Court also acknowledged that the Act applies to any application that is both “(1) operated by a ‘covered company’ that is ’controlled by a foreign adversary,’ ” which is any country subject to the reporting requirements of 10 U.S.C. § 4872 – which currently includes China, Russia, Iran, and North Korea – and “ ’(2) determined by the President to present a significant threat to the national security of the United States,’ following a public notice and reporting process.”
Noting the “striking bipartisan support” for the Act, the Supreme Court’s narrow decision reflects a growing concern among policymakers and courts regarding the national security implications of foreign-owned technology companies operating in the United States. Beyond the immediate impact on TikTok and its users, this ruling has broader implications for the tech industry and the relationship between the U.S. government and foreign-owned companies. It signals a willingness by the Court to uphold government restrictions on technology companies, particularly those with ties to countries considered foreign adversaries when national security concerns can be credibly invoked. Since the Act identified TikTok by name, it is just the first company to be subject to the ban; however, the Act provides a broader framework that could apply to other platforms operating in the United States. Indeed, the popular trend of U.S. TikTok users migrating to another Chinese app, RedNote, could very well implicate the Act.
Marketing and advertising stakeholders should particularly take note of today’s Supreme Court decision because of a challenge built into the Act: While content creators and marketers benefit from being early adopters of emerging platforms, including international platforms, the Act comes into play when an application reaches a critical mass of more than 1,000,000 monthly active users. In other words, the Act adds another layer of complexity for content creators as they consider building their presence and following on new applications. Once an application becomes sufficiently popular, it could be shut down if it is deemed controlled by a foreign adversary. Likewise, marketing and advertising agencies should more carefully scrutinize the risk that a platform could be shut down under the Act, frustrating ongoing agreements or campaigns.
Out with a Bang: President Biden Ends Final Week in Office with Three AI Actions — AI: The Washington Report
President Biden’s final week in office included three AI actions — a new rule on chip and AI model export controls, an executive order on AI infrastructure and data centers, and an executive order on cybersecurity.
On Monday, the Department of Commerce issued a rule on responsible AI diffusion limiting chip and AI model exports made to certain countries of concern. The rule is particularly aimed at curbing US AI technology exports to China and includes exceptions for US allies.
On Tuesday, President Biden signed an executive order (EO) on AI infrastructure, which directs agencies to lease federal sites for the development of large-scale AI data centers.
On Thursday, Biden signed an EO on cybersecurity, which directs the federal government to strengthen its cybersecurity systems and implement more rigorous requirements for software providers and other third-party contractors.
The actions come just days before President-elect Trump begins his second term. Yet, it remains an open question whether President Trump, who has previously supported chip export controls and data center investments, will keep these actions in place or undo them.
In its final week, the Biden administration issued three final actions on AI, capping off the administration that took the first steps toward creating a government response to AI. On Monday, the Biden administration announced a rule on responsible AI diffusion through chip and AI model export controls, which limit such exports to certain foreign countries. On Tuesday, President Biden signed an Executive Order (EO) on Advancing United States Leadership in Artificial Intelligence Infrastructure, which directs agencies to lease federal sites for the development of AI data centers. And on Thursday, Biden signed an Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity, which directs the federal government to strengthen its cybersecurity operations.
The new AI actions come just days before President-elect Trump takes the White House. What Trump decides to do with Biden’s new and old AI actions, as we discuss below, may provide the first indication of the direction of his second administration’s approach to AI.
Rule on Responsible Diffusion of Advanced AI Technology
On Monday, the Department of Commerce’s Bureau of Industry and Security announced a sweeping rule on export controls on chips and AI models, which requires licenses for exports of the most advanced chips and AI models. The rule aims to allow US companies to export advanced chips and AI models to global allies while also preventing the diffusion of those technologies, either directly or through an intermediary, into countries of concern, including China and Russia.
“To enhance U.S. national security and economic strength, it is essential that we do not offshore [AI] and that the world’s AI runs on American rails,” according to a White House fact sheet. “It is important to work with AI companies and foreign governments to put in place critical security and trust standards as they build out their AI ecosystems.”
The rule divides countries into three categories, with different levels of export controls and licensing requirements for each category based on their risk level:
Eighteen (18) close allies can receive a license exception. Close allies are “jurisdictions with robust technology protection regimes and technology ecosystems aligned with the national security and foreign policy interests of the United States.” They include Australia, Belgium, Canada, Denmark, Finland, France, Germany, Ireland, Italy, Japan, Netherlands, New Zealand, Norway, South Korea, Spain, Sweden, Taiwan, and the United Kingdom.
Countries of concern, including China and Russia, must receive a license to export chips. A “presumption of denial” will apply to license applications from these countries.
All other countries are allowed to apply for a license, and “license applications will be reviewed under a presumption of approval.” But after a certain number of chips are exported, certain restrictions will apply for these countries.
The rule’s export controls fall into four categories depending on the country, its security standards, and the types of chips being exported.
Orders for chips of up to 1,700 advanced GPUs “do not require a license and do not count against national chip caps.”
Entities headquartered in close allies can obtain “Universal Verified End User” (UVEU) status by meeting high security and trust standards. With this status, these countries “can then place up to 7% of their global AI computational capacity in countries around the world — likely amounting to hundreds of thousands of chips.”
Entities not headquartered in a country of concern can obtain “National Verified End User” status by meeting the same high security and trust standards, “enabling them to purchase computational power equivalent to up to 320,000 advanced GPUs over the next two years.”
Entities not headquartered in a close ally and without VEU status “can still purchase large amounts of computational power, up to the equivalent of 50,000 advanced GPUs per country.”
The rule also includes specific export restrictions and licensing requirements for AI models.
Advanced Closed-Weight AI Models: A license is required to export any closed-weight AI model —“i.e., a model with weights that are not published” — “that has been trained on more than 1026 computational power.” Applications for these licenses will be reviewed under a presumption of denial policy “to ensure that the licensing process consistently accounts for the risks associated with the most advanced AI models.”
Open-Weight AI Models: The rule does “not [impose] controls on the model weights of open-weight models,” the most advanced of which “are currently less powerful than the most advanced closed-weight models.”
The new chip export controls build on previous export controls from 2022 and 2023, which we previously covered.
Executive Order on AI Infrastructure
On Tuesday, Biden signed an Executive Order on Advancing United States Leadership in Artificial Intelligence Infrastructure. The EO directs the Department of Defense and Department of Energy to lease federal sites to the private sector for the development of gigawatt-scale AI data centers that adhere to certain clean energy standards.
“These efforts also will help position America to lead the world in clean energy deployment… This renewed partnership between the government and industry will ensure that the United States will continue to lead the age of AI,” President Biden said in a statement.
The EO requires the Secretary of Defense and Secretary of Energy to identify three sites for AI data centers by February 28, 2025. Developers that build on these sites “will be required to bring online sufficient clean energy generation resources to match the full electricity needs of their data centers, consistent with applicable law.”
The EO also directs agencies “to expedite the processing of permits and approvals required for the construction and operation of AI infrastructure on Federal sites.” The Department of Energy will work to develop and upgrade transmission lines around the new sites and “facilitate [the] interconnection of AI infrastructure to the electric grid.”
Private developers of AI data centers on federal sites are also subject to numerous lease obligations, including paying for the full cost of building and maintaining AI infrastructure and data centers, adhering to lab security and labor standards, and procuring certain clean energy generation resources.
Executive Order on Cybersecurity
On Thursday, President Biden signed an Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity. The EO directs the federal government to strengthen the cybersecurity of its federal systems and adopt more rigorous security and transparency standards for software providers and other third-party contractors. It directs various agencies — with some deadlines as soon as 30 days from the EO’s issuance — to evaluate their cybersecurity systems, launch cybersecurity pilot programs, and implement strengthened cybersecurity practices, including for communication and identity management systems.
The EO also aims to integrate AI into government cybersecurity operations. The EO directs the Secretary of Energy to launch a pilot program “on the use of AI to enhance the cyber defense of critical infrastructure in the energy sector.” Within 150 days of the EO, various agencies shall also “prioritize funding for their respective programs that encourage the development of large-scale, labeled datasets needed to make progress on cyber defense research.” Also, within 150 days of the EO, various agencies shall pursue research on a number of AI topics, including “human-AI interaction methods to assist defensive cyber analysis” and “methods for designing secure AI systems.”
The Fate of President Biden’s AI Actions Under a Trump Administration?
It remains an open question whether Biden’s new AI infrastructure EO, cybersecurity EO, and chip export control rule will survive intact, be modified, or be eliminated under the Trump administration, which begins on Monday. What Trump decides to do with the new export control rule, in particular, may signal the direction of his administration’s approach to AI. Trump may keep the export controls due to his stated commitment to win the AI race against China, or he may get rid of them or tone them down out of concerns that they overly burden US AI innovation and business.
New Executive Order Bolsters the Nation’s Cyber Defenses
In a significant move to bolster the United States’ cybersecurity framework, President Biden issued an executive order (EO) on 16 January 2025 titled “Strengthening and Promoting Innovation in the Nation’s Cybersecurity” days before leaving the White House. This comprehensive directive outlines measures designed to enhance the security of federal systems, improve transparency in third-party software supply chains, and leverage emerging technologies to fortify cyber defenses.
Combating Cyber Crime, Fraud, and Ransomware
The EO includes several provisions designed to address the prevalence of cybercrime, including fraud and ransomware attacks, which have been on the rise in recent years. For example, the EO addresses the use of stolen and synthetic identities in defrauding public benefits programs. It also encourages the use of digital identity documents for identity verification, provided these requirements adhere to principles of privacy and interoperability. The EO also promotes the development of “Yes/No” validation services to reduce identity fraud, allowing for privacy-preserving verification methods.
The EO also includes specific measures aimed at countering ransomware attacks. It amends Executive Order 13694 of 1 April 2015 to block property and interests in property of persons engaged in significant malicious cyber-enabled activities, including ransomware attacks. This revision allows for the freezing of assets of individuals and entities involved in such activities, effectively creating a financial deterrent against ransomware payments.
Enhancing Third-Party Software Security and Improving Federal Systems’ Cybersecurity
The EO mandates rigorous security standards for software providers to the federal government. Within 30 days, the Office of Management and Budget, in consultation with the National Institute of Standards and Technology and the Cybersecurity and Infrastructure Security Agency (CISA), will recommend contract language requiring software providers to submit secure software development attestations and artifacts, in addition to the Software Bill of Materials currently required. This aims to ensure that only software adhering to secure development practices is used in federal systems, thereby reducing vulnerabilities.
Federal agencies are required to adopt proven security practices, including advanced identity and access management technologies. The directive emphasizes the importance of phishing-resistant authentication methods such as WebAuthn. Furthermore, CISA is tasked with developing technical capabilities to monitor threats across federal systems, which includes gaining timely access to data from agency endpoint detection and response solutions.
The EO directs the modernization of IT infrastructure and networks supporting federal missions, emphasizing the adoption of zero trust architectures and other advanced cybersecurity practices. It also seeks to establish minimum cybersecurity requirements for businesses, thereby raising the baseline of cybersecurity across various sectors.
This EO represents a comprehensive approach to strengthening the nation’s cybersecurity defenses. By setting stringent requirements for software providers, enhancing federal system security, and leveraging emerging technologies, the administration aims to create a more resilient cyber infrastructure. The provisions to combat ransomware by targeting the financial aspects of cybercrime demonstrate a proactive stance in addressing one of the most pressing cybersecurity threats facing the nation today.
Strive Without Strife: Your Guide to 2025
Embrace Sustainable Goals. The start of a new year often inspires lofty resolutions, if not illusions of grandeur, about the habits we’ll develop and professional goals we’ll conquer: more billable hours, bigger matters, rapid career advancement, and the like. Yet, by mid- to late-January — right about now — many attorneys find themselves buried under the weight of their ambitious goals and the pressure to consistently deliver at a high level, reverting to old patterns and familiar routines as overextension and burnout loom. The truth is, we don’t transform overnight. Instead of chasing grandiose, unrealistic resolutions that can lead to frustration or feelings of failure, inadequacy, or self-doubt when we fall short, what if we entered 2025 with a focus on embracing sustainable goals — a way to hit our stride and strive without the strife?
Some might argue that the legal profession, with its high demands and rigorous pace, leaves little room for sustainable practices. However, embracing sustainability as an integral part of our goal setting allows us to strive toward our aspirations in a way that’s achievable and meaningful and sets us up for steadier, more fulfilling progress. While the world at large may be heavily biased toward quick fixes and sweeping changes, reams of habit change literature support the ideas that consistency, small and sustainable habits, and incremental progress are fundamental to achieving long-term growth.
Practice ESG by Applying ESG. The concept of sustainability isn’t new. While the Environmental, Social, and Governance (ESG) framework may be rooted in the corporate world, it can also inform how attorneys can practice embracing sustainable goals to achieve success and career longevity. Instead of initiating a complete overhaul of everything at once, focusing on implementing a few small habits or changes consistently within any of the ESG pillars can help sustain progress toward your goals.
Environmental: Our environment, both physical and operational, plays a crucial role in our productivity and focus. A cluttered or chaotic workspace or disorganized workflow can increase stress and overwhelm, deplete energy, and sink motivation. By intentionally structuring a supportive environment, attorneys can minimize distractions; maximize their focus and energy; and manage multiple matters, client communications, and competing deadlines without feeling constantly overwhelmed.
If your goal is to increase efficiency and productivity, consider introducing a small design change into your workspace or workflows, such as:
Decluttering your inbox or desk so you can access key communications or documents more quickly.
Scheduling meetings for 45 minutes instead of 60 so you have time to debrief and prepare in between “back-to-back” meetings.
Writing your to-do list in one place (whether in a physical or digital notebook) instead of on multiple sticky notes.
Turning off the sound that alerts you to new email messages so you’re not constantly task-switching.
Placing your phone somewhere other than your nightstand before bed so you’re not tempted to stay up and scroll aimlessly.
Social: The legal industry thrives on strong relationships at every stage — whether with clients, colleagues, or mentors. Investing time to develop these connections can result in support, guidance, and collaboration opportunities that align with your long-term goals and help you maintain a sustainable pace. However, the kitchen-sink approach of joining every organization, attending every networking event, and reaching out to every contact is a waste of time and leaves you with many surface-level connections.
If your goal is to strengthen your professional network, consider implementing manageable habits intended to build meaningful relationships over time, such as:
Scheduling a recurring time each week to reach out to 1-2 professional contacts, which could be a simple email, a LinkedIn message, or invitation to catch up.
Participating in more focused group activities, such as volunteering for a committee within your firm or a professional organization or attending a small roundtable discussion.
Proactively checking in and seeking guidance from a mentor (formal or informal) every quarter.
Setting aside 15 minutes per week to meaningfully comment on posts or share relevant thought leadership on LinkedIn.
Governance: Arguably the most important pillar of the framework, governance anchors the habits cultivated under the other two pillars to ensure that they are aligned with your overarching goals and values. Your internal governance includes the processes and systems by which you regulate your thoughts and emotions, make intentional decisions, prioritize effectively, and hold yourself accountable. Without robust internal governance to keep you grounded in a high-pressure and fast-paced environment, your efforts risk becoming scattered or misaligned with your goals, leaving you overextended and dissatisfied.
To bolster your internal governance, consider incorporating practices at a regular cadence, such as:
Reflecting on your personal and professional goals.
Breaking down larger objectives into manageable steps.
Celebrating small wins.
Writing down or labeling your thoughts and emotions.
Implementing accountability systems through reminders, progress reviews, or peer check-ins.
By embracing an ESG mindset to foster positive change, attorneys can design a career path that harmonizes ambition with sustainability, ensuring growth that lasts well beyond January.
TikTok, the Clock Won’t Stop, and Cases Involving Court Jurisdiction Narrowly Focused – SCOTUS Today
As the snow has fallen on Washington, DC’s First Street over the past few days, the Supreme Court has begun to issue opinions in the current term.
One of those cases has been in the news constantly, as it relates to a matter at issue in the recent presidential campaign that will likely get attention after the inauguration. The other two relate to federal court jurisdiction, but they are also consequential because their fact patterns are likely to be duplicated in future litigation.
While, with the advent of the new administration, things very well might change, the news today that the Court has upheld a law that could ban the social media platform TikTok this Sunday is significant not only to expressive younger Americans (perhaps your children and mine) but also as a matter of national security.
In a per curiam opinion in TikTok, Inc. v. Garland, the Court noted the following:
There is no doubt that, for more than 170 million Americans, TikTok offers a distinctive and expansive outlet for expression, means of engagement, and source of community. . . . But Congress has determined that divestiture is necessary to address its well-supported national security concerns regarding TikTok’s data collection practices and relationship with a foreign adversary.
And the Court has sided with Congress. Accordingly, TikTok either must divest or shut down the app this Sunday, January 19, as of which date, “the Protecting Americans from Foreign Adversary Controlled Applications Act [the “Act”] will make it unlawful for companies in the United States to provide services to distribute, maintain, or update the social media platform TikTok, unless U.S. operation of the platform is severed from Chinese control.”
The petitioners are two TikTok operating entities and a group of U.S. TikTok users who claimed that the Act, as applied to them, violates the First Amendment. The Court acknowledged that the case could be considered more of a regulation as to a foreign government adversary’s corporate ownership than as a matter of speech. Thus, the Court holds that “a law targeting a foreign adversary’s control over a communications platform is in many ways different in kind from the regulations of non-expressive activity that we have subjected to First Amendment scrutiny.” Those differences include “the Act’s focus on a foreign government [and] the congressionally determined adversary relationship between that foreign government and the United States. . . .” However, “[t]his Court has not articulated a clear framework for determining whether a regulation of non-expressive activity that disproportionately burdens those engaged in expressive activity triggers heightened review. We need not do so here. We assume without deciding that the challenged provisions fall within this category and are subject to First Amendment scrutiny.”
The Court goes on to set forth a primer on the conditions predicate for considering governmental action that arguably suppresses speech. “Content-based laws—those that target speech based on its communicative content—are presumptively unconstitutional and may be justified only if the government proves that they are narrowly tailored to serve compelling state interests.” Reed v. Town of Gilbert, 576 U.S. 155, 163 (2015). Content-neutral laws, in contrast, “are subject to an intermediate level of scrutiny because in most cases they pose a less substantial risk of excising certain ideas or viewpoints from the public dialogue.” Turner Broadcasting System, Inc. v. FCC, 512 U. S. 622, 642 (1994) 512 U.S., at 642 (citation omitted). “Under that standard, we will sustain a content-neutral law ‘if it advances important governmental interests unrelated to the suppression of free speech and does not burden substantially more speech than necessary to further those interests.” Turner Broadcasting System, Inc. v. FCC, 520 U. S. 180, 189 (1997).’”
”As applied to petitioners, the challenged provisions are facially content neutral and are justified by a content-neutral rationale.” Noting that the Act in question is “designed to prevent China—a designated foreign adversary—from leveraging its control over ByteDance Ltd. to capture the personal data of U. S. TikTok users,” which “qualifies as an important Government interest under intermediate scrutiny,” the Court held that this standard, including its narrow focus, justified the divestiture order at issue.
Justice Sotomayor and Justice Gorsuch concurred in the result. Justice Gorsuch’s caveat, expressing satisfaction that the Court did not consider evidence available to it but not to the petitioners, is noteworthy. That is a potential issue in many national security-related cases.
Labor law practitioners who read this blog will be particularly interested in the Court’s unanimous opinion in E.M.D. Sales, Inc. v. Carrera. The case concerns the application of the Fair Labor Standards Act (FLSA), guaranteeing a federal minimum wage for covered workers, 29 U. S. C. §206(a)(1), and requiring overtime pay for those working more than 40 hours per week, §207(a)(1). There are, however, many employees who are exempt from the FLSA’s overtime-pay requirement, e.g., salesmen who primarily work away from their employer’s place of business. §213(a)(1). The application of that exemption places the burden on the employer to show that it applies. Here, EMD, a Washington, DC-area food distributor, faced overtime claims by certain sales representatives who manage inventory and take orders at grocery stores. Several sales representatives sued EMD, alleging that the company violated the FLSA by failing to pay them overtime.
At trial, the U.S. District Court for the District of Maryland held that EMD failed to prove by “clear and convincing evidence” that its sales reps were “outside salesmen.” The U.S. Court of Appeals for the Fourth Circuit affirmed. EMD argued that the sales representatives were outside salesmen and, therefore, exempt from the FLSA’s overtime-pay requirement and that the District Court should have used the less stringent “preponderance of the evidence” standard.
The Supreme Court agreed, holding that the preponderance-of-the-evidence standard applies when an employer seeks to demonstrate that an employee is exempt from the minimum wage and overtime pay provisions of the FLSA. Noting that at the time of enactment of the FLSA in 1938, and continuing to the present, the preponderance standard is the default mode in American civil litigation, the Court held in favor of EMD.
There are three main circumstances in which a more stringent standard might apply: (1) where a statute requires it, (2) where the Constitution requires it, and (3) where coercive governmental action is present. None of those is present here. Moreover, in a related area to the case at bar, employment discrimination, the preponderance standard has consistently been applied. Additionally, the Court rejected the notion that the non-waivability of FLSA rights is material to what standard of proof applies.
Ultimately, the remedy applied by the Court is a limited one. In reversing the decision, the Court simply remands the case to the Court of Appeals to determine whether employees would fail to qualify as outside salesmen even under a preponderance standard.
In a case decided two days ago, Royal Canin U.S.A. Inc. v. Wullschleger, the Court dealt with a consumer claim that the manufacture of a brand of dog food (full disclosure: my dog loves the Golden Retriever variety) had engaged in deceptive marketing practices. The consumer’s original claim, filed in state court, asserted both federal and state law violations. Royal Canin removed the case to federal court pursuant to 28 U. S. C. §1441(a). The plaintiff, Anastasia Wullschleger, wanted the case to be resolved in state court, so she amended her complaint to remove any mention of federal law and petitioned the district court for a remand to state court, which the court denied. However, the Eighth Circuit reversed, and a unanimous Supreme Court, per Justice Kavanaugh, affirmed, holding that “[w]hen a plaintiff amends her complaint to delete the federal-law claims that enabled removal to federal court, leaving only state-law claims behind, the federal court loses supplemental jurisdiction over the state claims, and the case must be remanded to state court.”
Thus, the Court has begun to issue new opinions, at least one of which is going to resound loudly on the domestic political scene.
McDermott+ Check-Up: January 17, 2025
THIS WEEK’S DOSE
House Committees Organize, Senate Committees Begin Nomination Hearings. House healthcare committees held organizing meetings and announced subcommittee assignments, while Senate committees held nomination hearings for President-elect Trump’s appointees, although none (yet) in the healthcare space.
Senate Committee on Homeland Security & Governmental Affairs Holds OMB Director Nomination Hearing. The Office of Management and Budget (OMB) director confirmation hearing focused on Russell Vought’s previous positions, and mentions of healthcare issues were mostly related to veterans.
Senate Special Committee on Aging Holds Hearing on Improving Wellness Among Seniors. The hearing highlighted programs and policies that can improve seniors’ quality of life.
CMS Announces Next 15 Drugs to be Negotiated in Medicare Part D. The prices for the 15 drugs, which include the anti-obesity medications Ozempic, Rybelsus, and Wegovy, must be negotiated and announced by September 1.
HHS, DEA Issue Two Regulations on Telemedicine Prescribing of Controlled Substances. The regulations, one final and one proposed, from the US Department of Health and Human Services (HHS) and the US Drug Enforcement Administration (DEA) address requirements and pathways for certain providers to prescribe controlled substances via telehealth.
CMS Finalizes NBPP for 2026. The Centers for Medicare & Medicaid Services (CMS) finalized much of what was proposed, including enhanced enforcement against agents and brokers.
CMS Releases Advance Notice for 2026 MA and Part D Payment Policies. The annual Medicare Advantage (MA) and Part D payment update would increase MA revenue by 4.33% in 2026 compared to 2025.
CONGRESS
House Committees Organize, Senate Committees Begin Nomination Hearings. Various committees, including House Ways and Means and House Energy and Commerce, held organizational meetings this week and solidified subcommittee assignments. Reps. Buchanan (R-FL) and Doggett (D-TX) will continue as chair and ranking member, respectively, of the Ways and Means Health Subcommittee. Reps. Carter (R-GA) and DeGette (D-CO) are the new chair and ranking member, respectively, of the Energy and Commerce Health Subcommittee. The Senate Finance and Health, Education, Labor, and Pensions (HELP) Committees have not yet released subcommittee assignments.
The Senate held nomination hearings for Trump appointees this week, including hearings for secretary of defense nominee Pete Hegseth and attorney general nominee Pam Bondi. Nomination hearings for healthcare appointees, including HHS secretary nominee RFK Jr. and CMS administrator nominee Mehmet Oz, are not yet scheduled. RFK Jr. will testify before both the Senate Finance and HELP Committees, although only the Finance Committee will vote to advance his nomination. Committees typically provide a week’s notice before a nomination hearing, so health-related hearings will likely begin no earlier than the week of January 27.
Senate Committee on Homeland Security & Governmental Affairs Holds OMB Director Nomination Hearing. During the hearing, Republicans predominately praised nominee Russell Vought’s previous work as OMB director under Trump’s first Administration and emphasized that they looked forward to working with him again. Democrats pressed Vought on some of his previous positions. With respect to health-policy-focused questions, Democrats asked if he would commit to distributing funds appropriated for SUPPORT Act programs, because they stated that he previously supported withholding funds for funded programs that required reauthorization. Democrats also raised concerns about potential cuts to Veterans Affairs disability benefits.
Senate Special Committee on Aging Holds Hearing on Improving Wellness Among Seniors. The hearing included witnesses from a local police department, research centers, and nonprofits who highlighted that physical and dietary interventions at an earlier age can improve health and longevity and lower costs. Democratic members focused on how lowering prescription drug costs and implementing food programs would benefit seniors, while Republican members focused on addressing financial scams and the costs of implementing programs for older Americans.
ADMINISTRATION
CMS Announces Next 15 Drugs to be Negotiated in Medicare Part D. On the Biden Administration’s last full business day, CMS announced the second round of 15 drugs that will be negotiated in Medicare Part D starting in 2027. Notably, Medicare will negotiate prices for Ozempic, Rybelsus, and Wegovy. Per the Inflation Reduction Act, drugs were selected based on total gross covered prescription drug costs under Medicare Part D. Drug companies with a selected drug will have until February 28 to decide if they will participate in negotiations. However, if a company opts to not participate in the negotiation process, they will face a significant penalty in the form of an excise tax on the sales of that drug, potentially reaching up to 95% of the drug’s U.S. sales.
It is unclear how the incoming Trump Administration will handle both these negotiations and the MA/Part D Technical Rule, released in late November, that proposes to expand coverage of anti-obesity medications in Medicare and Medicaid. Under the Inflation Reduction Act, the final prices for these 15 drugs must be negotiated and announced by September 1, 2025. A fact sheet can be found here, and information about the first round of negotiated drug prices can be found here.
HHS, DEA Issue Two Regulations on Telemedicine Prescribing of Controlled Substances. The agencies released a final rule, Expansion of Buprenorphine Treatment via Telemedicine Encounter, which establishes requirements for the prescription of certain controlled substances via telemedicine and audio-only telemedicine for treatment of opioid use disorder. The final rule requires a DEA-registered practitioner to review the patient’s prescription drug monitoring program data for the state in which the patient is located during an audio-only telemedicine encounter. Additional prescriptions can be issued via other forms of telemedicine as authorized under the Controlled Substances Act, or after an in-person medical evaluation is conducted.
The DEA also released a proposed rule, Special Registrations for Telemedicine and Limited State Telemedicine Registrations, which would establish three special registrations that create a pathway for certain healthcare professionals to prescribe certain controlled substances via telemedicine. The special registration would only apply where the prescribing practitioner has never conducted an in-person medical evaluation of the patient prior to the issuance of the prescription. Comments are due 60 days from publication. For more information on the special registration proposed rule, check out our +Insight.
CMS Finalizes NBPP for 2026. The Notice of Benefit and Payment Parameters (NBPP) finalizes changes to health plans participating on the Affordable Care Act (ACA) Marketplace, as well as new requirements for Marketplaces themselves, agents, brokers, web-brokers, direct enrollment entities, and assisters that help Marketplace consumers. Most proposed policies were finalized and include the following:
Agents and Brokers: CMS enhanced enforcement, including to suspend an agent’s or broker’s ability to transact information with the Exchange. CMS also updated the model consent form that agents, brokers, and web-brokers can use to obtain and document consumer consent.
Grace Periods: CMS will allow health plans to adopt a fixed-dollar payment threshold of $10 or less, adjusted for inflation, under which plans would not be required to trigger a grace period or terminate enrollment for enrollees who fail to pay the full amount of their portion of premium owed.
Failure to File and Reconcile: CMS will require Exchanges to provide notice to consumers and tax filers who have failed to file and reconcile their advanced premium tax credit for two consecutive years.
Plan Options: CMS finalized updates to standardized plan options and non-standardized plan option limits, including requiring issuers to offer multiple standardized plan options within the same product network type, metal level, and service area to better differentiate these plans from one another to reduce the risk of duplicative offerings.
It is unclear how the incoming Trump Administration will handle these policies and whether any will be altered prior to the start of 2026. The final notice was effective January 15, 2025. A fact sheet is available here.
CMS Releases Advance Notice for 2026 MA and Part D Payment Policies. The Advance Notice is released on an annual basis and includes proposed updates to the capitation and risk adjustment methodologies used to calculate payments to MA plans, as well as other payment policies that impact Part D. Key proposals include:
Overall Payment Update: CMS proposed payment updates that would result in an estimated 4.33% increase in MA revenue in 2026 compared to 2025. CMS noted that this percentage translates to an increase of more than $21 billion in MA plan payments from 2025 to 2026.
Risk Adjustment: CMS proposed to complete the three-year phase-in of the Part C Risk Adjustment Model by calculating 100% of the risk scores using only the 2024 CMS-HCC model.
Part C and D Star Ratings: CMS provided a list of eligible disasters for adjustment and lists measures that will be included in the Part C and D improvement measures and Categorical Adjustment Index for the 2026 Star Ratings. CMS is considering additional ways to simplify and refocus the measure set on clinical care, outcomes, and patient experience of care measures, and is considering adding geography to the Health Equity Index reward.
Comments are due by February 10, 2025, which is after President-elect Trump’s inauguration. It is unclear how the incoming Trump Administration will handle the rate notice and whether these policies and payment rates will ultimately be implemented for 2026. The fact sheet can be found here, and a press release can be found here.
QUICK HITS
ASPE Issues Report on Medicare Part D Out-of-Pocket Cap. The HHS Assistant Secretary for Planning and Evaluation (ASPE) found that about 11 million Part D enrollees are expected to reach the $2,000 annual out-of-pocket cap enacted by the Inflation Reduction Act. Read the full report here.
FTC Releases Second Interim Report on PBMs. The Federal Trade Commission (FTC) report on pharmacy benefit managers (PBMs) focuses on specialty generic drug costs and follows the July 2024 first interim report on PBMs. Read the press release here.
HHS Summarizes Public Comments on Consolidation in Healthcare Markets RFI. The report highlights themes from public comments in response to a March 2024 request for information (RFI). The report calls for more ownership transparency and greater disclosures of private equity acquisition activity in healthcare markets; more enforcement action to inhibit mergers and acquisitions; and increased data sharing across federal, state, and local agencies.
CMS Releases Snapshot of Accountable Care Initiatives. The snapshot highlights that 53.4% of traditional Medicare enrollees are in an accountable care relationship in 2025, an increase of 4.3% from 2024. Read the fact sheet here.
CMS Issues Draft 2026 Part D Redesign Program Instructions. The instructions provide information about changes to the structure of the Part D standard benefit that were mandated by the Inflation Reduction Act. Comments are due by February 10, 2025. A fact sheet is available here.
CMS Releases Updated Guidance on Medicaid/CHIP Children’s Continuous Eligibility. The guidance replaces previously issued guidance on the topic, clarifying policies related to implementation in the Children’s Health Insurance Program (CHIP) and for incarcerated youth. The requirement to provide 12 months of continuous eligibility to children under the age of 19 was effective January 2024.
OIG Raises Concerns About FDA Accelerated Approval Pathway. An HHS Office of Inspector General (OIG) report recommended that the US Food and Drug Administration (FDA) modify the accelerated approval pathway to define specific factors that would require the accelerated approval council to advise on certain drug applications, and ensure appropriate documentation of meetings with sponsors in drug approval administrative files.
CMS Releases Guidance on Improving HIV Testing, Prevention, and Care Delivery in Medicaid/CHIP. The guidance provides strategies and opportunities for state Medicaid programs based on the latest scientific evidence and aims to help address access issues raised by two recent OIG reports.
HHS Declares Public Health Emergency, Provides Resources in California. In response to wildfires in southern California, HHS and CMS will provide resources and flexibilities, including extending the Marketplace Open Enrollment period and compiling a Medicaid disaster toolkit for states. Read the press release here.
MedPAC Holds January 2025 Meeting. The Medicare Payment Advisory Commission (MedPAC) meeting included votes on draft recommendations for updating payments for physicians, hospital inpatient and outpatient services, skilled nursing facility services, home health agency services, inpatient rehabilitation facility services, outpatient dialysis services, and hospice services. Sessions also discussed coverage limits on stays in freestanding inpatient psychiatric facilities; cost-sharing for outpatient services at critical access hospitals; and status reports on Part D, MA, and ambulatory surgical center services.
NEXT WEEK’S DIAGNOSIS
President-elect Trump will be inaugurated on January 20. With the new Administration, we expect immediate executive orders and other actions that may impact healthcare. The House and Senate will be in session next week. The Senate HELP Committee will hold an organizational meeting on January 21. Nomination hearings for Trump’s healthcare appointees could begin the week of January 27.
DEA Releases Long-Awaited Telehealth Special Registration Proposal, but Adoption Is Uncertain
On January 15, 2025, the US Drug Enforcement Administration (DEA) released a proposed rule entitled Special Registrations for Telemedicine and Limited State Telemedicine Registrations. This proposed rule would establish three special registrations, creating pathways for telehealth practitioners to prescribe, and online platforms to dispense, certain controlled substances via telemedicine after flexibilities expire on December 31, 2025. However, it is unclear whether the incoming Trump administration will move forward with the proposed approach for special registration.
IN DEPTH
WHY IT MATTERS
Current federal telehealth-focused controlled substance prescribing flexibilities, initially invoked in response to the COVID-19 public health emergency (PHE), will expire December 31, 2025.
Absent the flexibilities, current law would require telemedicine providers to perform an in-person medical evaluation of a patient prior to prescribing a controlled substance, with certain limited exceptions. One such exception is for providers who hold a “special registration,” the details of which were left within the DEA’s purview. This is the first time the DEA has proposed a special registration since the passage of the Ryan Haight Online Pharmacy Consumer Protection Act of 2008, when it was originally required.
The proposed rule would establish three types of special registrations for telemedicine:
Telemedicine Prescribing Registration, authorizing qualified clinician practitioners to prescribe Schedule III – V controlled substances via telemedicine
Advanced Telemedicine Prescribing Registration, authorizing qualified specialized clinician practitioners (e.g., psychiatrists and hospice care physicians) to prescribe Schedule II – V controlled substances via telemedicine
Telemedicine Platform Registration, authorizing covered online telemedicine platforms, in their capacity as platform practitioners, to dispense Schedule II – V controlled substances.
Special registrants would be required to maintain a State Telemedicine Registration (issued by the DEA) for every state in which the special registrant treats patients, unless otherwise exempted.
The proposed rule would also impose detailed requirements for practice standards, prescription information, and documentation, including requirements related to prescription drug monitoring program (PDMP) checks, use of audio-video technology, restrictions on Schedule II controlled substances, data reporting to the DEA, identity verification, clinician credentialing, and record retention.
The proposed rule was released just days before the incoming Trump administration takes office. Whether the new administration will allow the proposed rule to remain open for public comment or take a different approach remains unclear.
BACKGROUND
Under the Ryan Haight Act, a telemedicine provider is required to perform an in-person medical evaluation of a patient prior to prescribing a controlled substance, with certain limited exceptions. One such exception is for providers who hold a “special registration.” The Ryan Haight Act requires the DEA to establish the circumstances and procedures under which a special registration may be issued. In the more than 16 years since the act’s passage, the DEA has failed to implement such a process, even though Congress imposed a deadline of October 2019 in the 2018 SUPPORT for Patients and Communities Act for the promulgation of final regulations.
In March 2020, in response to the PHE, the DEA invoked flexibilities that allow for prescribing controlled substances via telemedicine without an initial in-person visit. The current extension of the flexibilities, pursuant to a November 2024 rule, authorizes all DEA-registered practitioners to prescribe Schedule II – V controlled medications via telemedicine without an initial in-person examination through December 31, 2025.
Stakeholders had hoped that the DEA would permanently adopt flexibilities for telemedicine prescribing of controlled substances after the PHE, including finally adopting a special registration process. In February 2023, the DEA and the Substance Abuse and Mental Health Services Administration proposed two rules: the general telemedicine rule and the buprenorphine rule. The two proposals would have established additional potential pathways for prescribing certain controlled substances in limited quantities via telemedicine without an initial in-person medical examination while also imposing detailed recordkeeping requirements. Notably, the proposed rules did not include a special registration process for telemedicine providers.
The DEA received a record 38,000 comments in response to the February 2023 proposed rules, including comments from federal lawmakers. Many stakeholders pointed out that the requirement for an in-person evaluation would make it more challenging for certain patients – those facing significant barriers to accessing care without telemedicine – to continue receiving the controlled medications they need. Subsequently, the DEA issued temporary rules in May 2023 and October 2023 extending the telemedicine flexibilities through December 31, 2024, and stated that it anticipated releasing a final rule addressing telemedicine prescription of controlled substances in fall 2024. In November 2024, the DEA further extended the flexibilities through December 31, 2025, stating that the extension would give it time to promulgate proposed and final rules on telemedicine prescribing and “ensure a smooth transition for patients and practitioners that have come to rely on the availability of telemedicine for controlled substance prescriptions.”
THE PROPOSED RULE
The DEA stated that it has determined that the best course of action to ensure patient access to care while maintaining sufficient safeguards to detect and protect against the diversion of controlled substances is to establish and maintain a separate special registration process for telemedicine.
The special registration would only apply where the prescribing practitioner intends to prescribe controlled substances and has not conducted an in-person medical evaluation of the patient prior to the issuance of the prescription. The proposed special registration would not be applicable to practitioner-patient relationships in which there has been a prior in-person medical evaluation of the patient by the practitioner. The special registration also would not apply to the other forms of the practice of telemedicine authorized under the Ryan Haight Act, including those authorized under the 2025 Expansion of Buprenorphine Treatment via Telemedicine Encounter final rule.
THREE REGISTRATION TYPES
The DEA proposes three types of special registrations for telemedicine. To be eligible for a special registration, the applicant would need to demonstrate a legitimate need for a special registration. An applicant for a special registration also would be required to already have one or more DEA registrations to prescribe (if a clinician practitioner) or dispense (if a platform practitioner), unless otherwise exempt.
The Telemedicine Prescribing Registration would authorize qualified clinician practitioners to prescribe Schedule III – V controlled substances via telemedicine.
The DEA determined that clinician practitioners have a legitimate need to prescribe Schedule III – V controlled substances when they anticipate treating patients for whom requiring an in-person medical evaluation prior to prescribing could impose significant burdens on bona fide practitioner-patient relationships (e.g., severe weather conditions, living in remote or distant areas, or having communicable diseases).
The Advanced Telemedicine Prescribing Registration would authorize qualified specialized physicians and board-certified mid-level practitioners to prescribe Schedule II – V controlled substances via telemedicine.
To be eligible for an advanced telemedicine prescribing registration, physicians and board-certified mid-level practitioners would need to demonstrate a legitimate need for a telemedicine prescribing registration, as described above, as well as a legitimate need for the prescribing of Schedule II controlled substances. Balancing concerns for vulnerable populations and the high potential for abuse of Schedule II controlled substances, the DEA determined that only the following seven categories of specialized physicians and board-certified mid-level practitioners have a legitimate need for the advanced telemedicine prescribing registration:
Psychiatrists
Hospice care physicians
Palliative care physicians
Physicians rendering treatment at long-term care facilities
Pediatricians
Neurologists
Mid-level practitioners and physicians from other specialties who are board-certified in the treatment of psychiatric or psychological disorders, hospice care, palliative care, pediatric care, or neurological disorders unrelated to the treatment and management of pain.
Clinician practitioners would be required to furnish information on the special registration application that demonstrates their specialized training – for example, board certification, specialized training, or the percentage of their overall practice that falls within one of the specialized practices). Mid-level practitioners would be required to be board-certified. The DEA seeks input on whether other types of practitioners should be included if they can demonstrate specific training and expertise in managing conditions that are traditionally treated with Schedule II controlled substances, and on alternative methods to ensure that practitioners seeking to prescribe Schedule II controlled substances have the appropriate training and expertise to do so safely.
The Telemedicine Platform Registration would authorize covered online telemedicine platforms to dispense Schedule II – V controlled substances through a clinician practitioner possessing either a telemedicine prescribing registration or an advanced telemedicine prescribing registration.
The DEA notes that the term “dispense” in the Controlled Substances Act means “to deliver a controlled substance to an ultimate user, which includes the prescribing and administering of a controlled substance” and encompasses “not only the physical act of handing out medications, but the broader process of providing medications to patients under the direction of a licensed healthcare provider.” The DEA also notes that by serving as intermediaries for the prescribing of controlled substances, covered online telemedicine platforms qualify as “practitioners” engaged in dispensing.
The DEA proposes to define “covered online telemedicine platform” as an entity that facilitates connections between patients and clinician practitioners via an audio-video telecommunications system for the diagnosis and treatment of patients that may result in the prescription of controlled substances, but is not a hospital, clinic, local in-person medical practice, or insurance provider, and meets one or more of the following criteria:
The entity explicitly promotes or advertises the prescribing of controlled substances through the platform.
The entity has financial interests, whether direct incentives or otherwise, tied to the volume or types of controlled substance prescriptions issued through the platform, including but not limited to ownership interest in pharmacies used to fill patients’ prescriptions or rebates from those pharmacies.
The entity exerts control or influence on clinical decision-making processes or prescribing related to controlled substances, including but not limited to prescribing guidelines or protocols for clinician practitioners employed or contracted by the platform; consideration of clinician practitioner prescribing rates in the entity’s hiring, retention, or compensation decisions; imposing explicit or de facto prescribing quotas; or directing patients to preferred pharmacies.
The entity has control or custody of the prescriptions or medical records of patients who are prescribed controlled substances through the platform.
The DEA states that this definition is intended to limit the special registration requirements to only those direct-to-consumer online telemedicine platforms that play a substantial and integral role as intermediaries in the remote dispensing of controlled substances. The DEA notes that ownership and operation of the online or digital system or platform on which the virtual visit takes place are not mandatory criteria within the proposed definition of a covered online telemedicine platform. Similarly, an entity solely operating a platform or system that merely provides the technological service or conduit for a telemedicine encounter to occur, without the presence of one of the additional four factors, would not constitute a covered online telemedicine platform. The definition of covered online telemedicine platform also explicitly excludes certain types of entities whose primary business operations do not rely on, or center around, telemedicine services, including hospitals, clinics, insurance providers, and local in-person medical practices (defined as medical practices where less than 50% of the prescriptions for controlled substances collectively issued by the practice’s physicians and mid-level practitioners are issued via telemedicine in any given calendar month).
The DEA has determined that covered online telemedicine platforms, in their capacity as platform practitioners, have a legitimate need to dispense Schedule II – V controlled substances when they:
Anticipate providing necessary services to introduce or facilitate connections between patients and clinician practitioners via telemedicine for the diagnosis, treatment, and prescription of controlled substances
Are compliant with federal and state regulations
Provide oversight over clinician practitioners’ prescribing practices
Take measures to prioritize patient safety and prevent diversion, abuse, or misuse of controlled substances.
STATE TELEMEDICINE REGISTRATIONS
The DEA would also require the special registrant to maintain a state telemedicine registration for every state in which the special registrant treats patients, unless otherwise exempted. This registration would be issued by the DEA and not by individual states and would operate as an ancillary credential, contingent on the special registration held by the special registrant.
Both clinician practitioners and online telemedicine platforms would be subject to this requirement.
APPLICATION PROCESS
Creation of Form 224S, Form 224S-M, and Fees
The DEA proposes issuing a new registration application, Form 224S, Application for Special Registration for Telemedicine Under the Controlled Substances Act, tailored for special registrations. The registration would last for three years. The registration fee would be $888 for any one of the three types of special registration. The fee for the platform practitioner state telemedicine registration would be $888 for each state in which a state telemedicine registration is sought; however, the clinician practitioner state telemedicine registration would be discounted to $50 for each state in which the clinician practitioner seeks a state telemedicine registration. The DEA notes in its discussion that fees for the state telemedicine registration for clinician practitioners would be discounted to account for the expected lower volume of telemedicine that would be conducted by clinician practitioners compared to covered online telemedicine platforms.
Registrants would be required to notify the DEA within 14 business days of any modification or changes to the information provided in their original application (Form 224S) via a new form, Form 224S-M. For example, if a clinician holding a special registration began employment with a new direct-to-consumer online telemedicine platform not previously disclosed on the clinician’s original Form 224S, the clinician would be required to submit a Form 224S-M.
Physical Location Requirement
All applicants would be required to designate one of their existing 21 U.S.C. 823(g) registered locations as the registered location/physical address (special registered location) of their special registration. The special registered location would serve as the physical point of contact for DEA inquiries and compliance actions. As discussed below, records arising from telemedicine encounters under the special registration would be required to be maintained at the special registered location.
Additional Disclosures
The applicant would be required to provide certain disclosures and attestations on Form 224S, which the DEA states will “enhance transparency, patient safety, and anti-diversion efforts”:
Platform practitioners applying for the telemedicine platform registration would be required to attest to all employment, contractual relationships, or professional affiliations with any clinician special registrant and online pharmacy, and their respective registration numbers. Likewise, clinician practitioners applying for the telemedicine prescribing registration or the advanced telemedicine prescribing registration would be required to attest to all employment, contractual relationships, and professional affiliations, including but not limited to those with covered online telemedicine platforms (and the respective online telemedicine platform’s telemedicine platform special registration number, if applicable).
Clinician practitioners and platform practitioners would be required to attest that they have devised and are committed to maintaining anti-diversion policies and procedures.
Clinician practitioners applying for the advanced telemedicine prescribing registration would be required to disclose their practice specialties.
For each type of special registration, applicants would be required to attest to their legitimate need on their special registration application.
PRACTICE STANDARDS
Under the proposed rule, registrants would be required to adhere to certain practice standards, such as:
Prescription Origination Within the United States. A clinician special registrant must be physically present in the United States when conducting a telemedicine encounter and issuing a special registration prescription. The clinician also would be required to hold the proper licensure and authorization within the state and territory where the practitioner is located when the telemedicine encounter takes place.
Electronic Prescribing for Controlled Substances (ECPS). All special registration prescriptions must be issued through ECPS.
PDMP Adherence. For the first three years after enactment of the special registration process, clinician special registrants would be required to check the PDMPs for the state or territory where the patient is located, the state or territory where the clinician practitioner is located, and any state or territory with PDMP reciprocity agreements with either the state or territory where the patient is located or the state or territory where the clinician practitioner is located. After three years, all clinician special registrants would be required to verify the identity of the patient and run a nationwide PDMP check of all 50 states and any US district or territory that maintains its own PDMP (referred to as the nationwide PDMP check).
If there is no mechanism to perform the nationwide PDMP check after three years, individual special registrants would continue to be required to perform PDMP checks of the states in the three categories described above. Individual special registrants would only be able to issue special registration prescriptions for Schedule II controlled substances to patients located within the same state as the individual special registrant.
The DEA acknowledges that it is currently unlikely that any one healthcare provider has access to all PDMPs nationwide but recognizes that current efforts to standardize, centralize, and interconnect PDMP data are making headway.
Audio-Video Telecommunications. A clinician special registrant would be required to utilize both audio and video components of an audio-video telecommunications system to prescribe under the special registration framework for every telemedicine encounter, whether for an initial visit or subsequent visit or follow-up.
Schedule III – V Special Registration Prescriptions for Opioid Use Disorder. Clinician special registrants would be allowed to issue special registration prescriptions for, and platform special registrants would be allowed to dispense, Schedule III – V controlled substances approved by the US Food and Drug Administration (FDA) for the treatment of opioid use disorder (OUD) through the use of an audio-only telecommunications system, provided that the treatment was initiated through the use of an audio-video telecommunications system. Currently, the only Schedule III – V narcotic drug approved by the FDA for the treatment of OUD is buprenorphine.
The DEA acknowledges that the Expansion of Buprenorphine Treatment via Telemedicine Encounter final rule allows a DEA-registered practitioner without a special registration to issue a prescription for a Schedule III – V controlled substance approved by the FDA for the treatment of OUD via audio-only or audio-video telemedicine for an initial consecutive six-month supply. Following the initial six-month supply, practitioners may prescribe the controlled substance by other forms of the practice of telemedicine authorized under the Controlled Substances Act (such as pursuant to a special registration) or after conducting an in-person medical evaluation.
Schedule II Controlled Substance Prescriptions. The DEA proposes two requirements for special registration prescriptions for Schedule II controlled substances, indicating that it anticipates imposing one or both requirements based on stakeholder comments.
The first proposed requirement would require that the clinician special registrant be physically located in the same state as the patient when issuing a special registration prescription for a Schedule II controlled substance.
The second proposed requirement would require that the average number of special registration prescriptions for Schedule II controlled substances constitute less than 50% of the total number of Schedule II prescriptions issued by the clinician special registrant in their telemedicine and non-telemedicine practice in a calendar month.
Schedule II Controlled Substance Prescriptions for Minors. In addition to the proposed requirements for Schedule II controlled substances described above, clinician special registrants who are pediatricians or board-certified in pediatric care prescribing Schedule II controlled substances to a minor would be required to prescribe in the presence of the minor’s parent or guardian.
State Law Considerations. When issuing a special registration prescription, a special registrant must comply with the laws and regulations of the state in which the special registrant is located and the state in which the patient is located during the telemedicine encounter.
PRESCRIPTION REQUIREMENTS AND “RED FLAG” CONSIDERATIONS
All prescriptions for controlled substances, whether issued via telemedicine or on the basis of an in-person encounter, are required to include the elements specified in 21 CFR 1306.05(a): signature of the prescriber; issue date; patient’s full name and address; drug details (name, strength, dosage form, and quantity); directions for use; and the practitioner’s name, address, and DEA registration number. The special registration proposed rule would require two additional elements for special registration prescriptions:
The special registration numbers of the clinician practitioner and, if a platform practitioner facilitated the prescription, the platform practitioner
The state telemedicine registration numbers of the clinician practitioner and, if a platform practitioner facilitated the prescription, the platform practitioner (unless exempt from the state telemedicine registration requirements).
The DEA indicates that the inclusion of the special registration number would allow pharmacists to determine if the clinician practitioner has the authority to prescribe a Schedule II controlled substance under the special registration while the inclusion of the state telemedicine registration numbers would allow pharmacists to verify that patients are only being prescribed special registration prescriptions by special registrants authorized to practice in the specific state where the patient is located. The DEA notes that pharmacists occasionally encounter what they may perceive as “red flags” for certain telemedicine prescriptions, which can stem from the nature of telemedicine itself, where patients may receive prescriptions from prescribers located at distances far away (both inside and outside the state where the patient is located). The geographical distance can raise doubts about the legitimacy of the prescription and could lead pharmacists to question its validity and refuse to fill the prescription. The DEA suggests that by verifying state telemedicine registration numbers, pharmacists would receive a level of assurance that a special registration prescription is legitimate when it originates from a prescriber located a significant distance from the patient.
DOCUMENTATION REQUIREMENTS
The special registration proposed rule includes the following documentation requirements:
Patient Verification and Photographic Record. Clinician special registrants would be required to establish and maintain photographic records for patient verification. The DEA would require that these records be maintained for two years from the date of the telemedicine encounter.
If the patient does not consent to their photo being captured, the clinician special registrant (or a delegated employee or contractor under the special registrant’s direct supervision) would be allowed to accept a copy of the patient’s federal or state government-issued photo identification card or other forms of documentation provided by the patient.
Special Registration Telemedicine Encounter Record. Clinician special registrants would be required to maintain a record of the date and time of the telemedicine encounter, the address of the patient during the telemedicine encounter, and the home address of the patient. The DEA would require that these records be maintained for two years from the date of the telemedicine encounter.
Credentialing and Clinician Records. Platform special registrants would be required to maintain and update records related to clinician special registrants with whom they enter and maintain a covered platform relationship, including:
Verification of the clinician special registrant credentials, including but not limited to records on education, training, board or specialty certifications, and special registration number and state telemedicine registration number(s)
The employment contract and any other contract between the platform special registrant and the clinician special registrant
Any disciplinary actions or sanctions, or documentation of complaints, disputes, or incidents involving the practice of telemedicine.
Platform special registrants would be required to maintain and update these records every two years and make them readily available to the DEA.
Data Reporting. Pharmacies dispensing special registration prescriptions would be required to report monthly aggregated special registration prescription data on Schedule II controlled substances and certain Schedule III – V controlled substances. Special registrants would be required to report annually aggregated information about their telemedicine practice, including the number of new patients they treat through telemedicine and the total number of special registration prescriptions for Schedule II controlled substances and certain Schedule III – V controlled substances dispensed for the preceding year.
Recordkeeping at the Special Registration Location. The proposed rule would require that records arising from telemedicine encounters under the special registration framework be kept at the special registered location. The DEA acknowledges that, given telemedicine’s nationwide reach – where a special registrant could serve patients in any state – it would pose an unreasonable administrative burden to require the special registrant to maintain records in every state where telemedicine patients are located.
NEXT STEPS AND INCOMING TRUMP ADMINISTRATION
Stakeholders will have 60 days to comment after publication of the special registration proposed rule in the Federal Register. The DEA encourages input on appropriate implementation timelines, or on-ramps for phased or gradual adoption, to help ensure a smoother transition when the final rule takes effect. Practitioners, pharmacies, and industry stakeholders are encouraged to provide their input on the time necessary to operationalize the proposed requirements.
However, the upcoming administration change may affect when – or if – the special registration proposed rule is adopted. Once in office, President-elect Donald Trump is expected to sign an executive order pausing many of the rules proposed by the Biden administration. It is unclear if this rule will be included. Because this proposed rule is a long-awaited attempt by the DEA to create a special registration, the incoming administration may choose to keep the proposed rule open in order to review public comments on the proposed approach. These comments could help inform future rulemaking. If the proposed rule remains open for public comment, stakeholders should consider providing feedback to help educate and inform the new administration on this approach.
Massachusetts Launches Online Portal for Filing Workforce Demographic Data
Massachusetts recently opened the portal that certain employers must use to submit their workforce demographic data to the state by February 3, 2025.
Quick Hits
A new law in Massachusetts requires employers to report their workforce demographic data to the state each year.
The state just opened the online portal for submitting the data.
The deadline to file the data is February 3, 2025.
The federal government requires certain employers to submit workforce demographic data in a report, called an EEO-1 form, each year. Under a new state law, the Francis Perkins Workplace Equity Act, Massachusetts employers with one hundred or more employees (and which are subject to EEO-1 reporting obligations) must send their most recent EEO-1 report to the state each year.
The state recently opened a new portal that employers must use to submit their data.
The site does not require login information, but it allows the direct upload of the reports through the provided link. The instructions direct filers to make sure the uploaded file name contains the legal name of the filing entity and the type of report being filed, such as EEO-1 reports.
The instructions provide contact information for several agencies that can answer questions concerning the implementation and interpretation of the filing requirement.
The Massachusetts Executive Office of Labor and Workforce Development (EOLWD) recently published guidance in the form of frequently asked questions (FAQs) to help employers comply with the workforce demographic reporting requirements.
Although this notice shows the filing deadline is February 1, 2025, the EOLWD has said that filings will be accepted through February 3, 2025. Employers do not need to include pay data this year.
Next Steps
Massachusetts employers may wish to make the necessary preparations to file the required reports with the state before the deadline using the newly opened online portal. As a reminder, EOWLD has stated that employers need only file the most recent EEO-1 reports they have. The filing platform for the 2024 EEO-1 reports has not opened yet.
DOJ Reports Nearly $3 Billion in FCA Settlements, Judgments for FY 2024
Headlines that Matter for Companies and Executives in Regulated Industries
DOJ Reports Nearly $3 Billion in FCA Settlements, Judgments for FY 2024
On January 15, the US Department of Justice (DOJ) reported that settlements and judgments under the False Claims Act (FCA) totaled more than $2.9 billion in fiscal year 2024. The government and whistleblowers were involved in 558 FCA settlements and judgments, marking the second-highest total after fiscal year 2023’s record of 566 recoveries. Whistleblowers also filed the highest number ever of qui tam lawsuits, totaling 979 this past fiscal year.
Health care fraud accounted for the majority of FCA settlements and judgments. Over $1.67 billion of the FCA settlements and judgments reported in fiscal year 2024 related to health care matters, including managed care providers, hospitals, pharmacies and pharmaceutical companies, and physicians. The cases related to the health care industry involved, among other things, the opioid epidemic, unnecessary services and substandard care, Medicare Advantage matters, and unlawful kickbacks.
The DOJ statistics sheet can be found here and the press release can be found here.
Pharmacy to Pay $625,000 to Resolve FCA Allegations
On January 13, a settlement was finalized between a pharmacy located in New Jersey, Medsinbox Pharmacy LTC LLC, and the federal and New Jersey state governments. Pursuant to the settlement agreement, Medsinbox agreed to pay $625,000 to settle allegations that it violated the FCA by billing Medicare and Medicaid for prescriptions that it never actually distributed.
The government alleged that between 2019 and 2022, Medsinbox knowingly submitted claims for reimbursement to the federal Medicare and Medicaid programs for medications that it never actually gave to beneficiaries. According to the government, Medsinbox inventory records indicate that the pharmacy never purchased the amount of prescriptions that it claims to have filled and billed to Medicare and Medicaid programs.
The settlement is available here and the DOJ press release can be found here.
Firm Founder Pleads Guilty for Role in $9 Million Cryptocurrency Investment Fraud
On January 9, Travis Ford, the founder of a cryptocurrency investment firm, pleaded guilty for his role in a $9 million fraud conspiracy. Ford pleaded guilty to one count of conspiracy to commit wire fraud, for which he faces up to five years in prison.
According to the government, Ford was the co-founder of cryptocurrency investment firm Wolf Capital Crypto Trading LLC. As alleged, Ford made false promises to solicit investments through social media and other internet platforms, including by purporting to be a sophisticated trader able to deliver returns of 1-2% daily despite admitting that those returns were not realistic. The government alleged that Wolf Capital raised $9.4 million through Ford’s conduct and Ford then misappropriated the investor funds for his own use.
The DOJ press release can be found here.
TikTok Ban Upheld By SCOTUS– Is TCR Next?
So the US Supreme Court today upheld a law requiring that abysmal TikTok app to either by sold or face a nationwide ban.
The basis for the law is TikTok’s foreign ownership and the massive amount of data available to the Chinese government as a result.
I’m a huge fan of the ban, but mostly because I’m a geezer that thinks kids these days spend too much time staring at their phones.
Still, the national security concerns are very legitimate and resonate well beyond TikTok– for instance The Campaign Registry is still tracking most every 10DLC SMS campaign in the country and is still foreign owned.
I suspect new FCC Chairman Carr–with his focus on national security– and Olivia Trusty (Trump’s new FCC pic) will take a very dim view of TCR’s foreign ownership and I suspect a similar sale or ban ruling may be in the cards.
We’ll see.
SHE BELONGS!: Trump’s New FCC Pick Olivia Trusty Appears Incredibly Well Qualified– and Even Had a Hand Drafting the TRACED Act
Usually when there is a nomination to the FCC the individual nominated is at least somewhat within the Czar’s orbit.
Truthfully, Ms. Trusty is not. Other than being connected on LinkedIn–not even sure how that happened– I don’t recall running across Ms. Trusty, but her career as a Congressional staffer appears to have been quite impactful (impressive.)
Some quick notes about her background.
She’s an athlete–love that– and was a member of the Tar Heels gymnastics team back in the early 2000s. (She was even the “Gymnast of the Week” back in January, 2004.)
Her passion for athletics undoubtedly lead her to assist with the EMPOWERING OLYMPIC AND AMATEUR ATHLETES ACT OF 2019, where she had a significant role assisting Senator Wicker in moving the bill forward. The bill arose following the conviction of Dr. Nassar who had abused Olympians, and resulted in 18 months of interviews with athlete survivors and 4 subcommittee hearings before the law emerged.
Nearer and dearer to TCPAWorld reader’s hearts–Trusty was on the team that developed the Traced Act.
As we reported a while back, Senator Thune–who is credited as one of the chief architects of the Traced Act–is now the ranking Republican in the Senate. I do not view it as a coincidence that Trusty now finds herself headed to the FCC after helping to craft that statute–which is easily the most impactful telecom law to pass in a decade.
In the words of Thune himself, Ms. Trusty “worked tirelessly to help develop and advance [the TRACED Act.]”
So.. yeah. Trusty knows her way around the TCPA.
And that is no surprise since she was the Republican policy director for the Senate Commerce, Science and Transportation Committee Communications, Media and Broadband Subcommittee (Jan. 2019- Dec. 2022). That’s just the Subcommittee with jurisdiction over all sectors of communications phone calls and the internet.
And then before that was a senior consultant in Verizon’s Government Relations team and a Senior Policy Representative for Qwest Communications.
So… yeah.
Trusty feels like a no-brainer. But there’s even more to her background that is interesting.
Check out this bullet point on her resume:
Senate Armed Services Committee Cybersecurity Subcommittee (Jan. 2023-), Staff Lead, Republican
Yeah. She helped lead the subcomittee on cybersecurity. And now she’s teaming up with Chairman Carr who has stated a key focus of the FCC should be national security. (I wonder how she’s going to feel about foreign-owned TCR collecting all that data about American text practices?)
And no surprise, Trusty also had a hand in crafting the National Defense Authorization Act, addressing a broad range of issues, from strategic competition with China and Russia to countering threats to Iran, North Korea and violent extremists. Most importantly, the bill authorized record level investments in key technologies– including artificial intelligence.
Trusty is also exceptionally well traveled. According to the Congressional Foreign Travel Financial Reports Ms. Trusty has visited Australia, New Zealand, Switzerland, Argentina, Chile, Egypt, Jordan, Singapore, Japan, South Korea, Taiwan and Israel in just the last couple of years–probably in furtherance of her efforts supporting the Senate Armed Services committee.
So yeah.
Trusty Trusty (as you can expect to hear me call her from now on) is a VERY solid candidate. But also the sort of institutionalist I am surprised (but glad) Trump went with.
I am impressed. Top to bottom. Look forward to working with her office– assuming she is formally nominated and approved, which seems very likely given her background and the Senate composition.
(Special thanks to our new clerk Gabby for the great investigation work here– nice job!)
CFPB Issues Order for Financial Data Exchange to Issue Standards under CFPB’s Personal Financial Data Rights Rule
On January 8, 2025, the Consumer Financial Protection Bureau (CFPB) issued an order recognizing Financial Data Exchange, Inc. (FDX) as a standard-setting body under the CFPB’s Personal Financial Data Rights rule. The order of recognition is the first to be issued under the rule. The Personal Financial Data Rights rule, released in October 2024, requires financial institutions, credit card issuers, and other financial providers to unlock an individual’s personal financial data and transfer it to another provider at the consumer’s request for free. The CFPB established a formal application process outlining the qualifications to become a recognized industry standard-setting body, which can issue standards that companies can use to help them comply with the CFPB’s rules. The CFPB also issued updated procedures for companies seeking special regulatory treatment, such as through “no-action letters.”
FDX is a standard-setting organization operating in the United States and Canada. It has over 200 member organizations, including depository and non-depository commercial entities, data providers and recipients, data aggregators, service providers to open banking participants, trade and industry organizations, and other non-commercial members, including consumer groups. FDX’s stated primary purpose is to develop, improve and maintain a common, interoperable standard for secure consumer and business access to financial records.
In September 2024, the CFPB received the application for recognition from FDX. CFPB published the application from FDX for public comment later that month. The application was then the first to be published for public comment.
The CFPB approved the application, subject to several conditions. In June 2024, the CFPB finalized a rule outlining the qualifications to become a recognized industry standard-setting body. The rule issued in June identifies the five key qualifications that standard-setting bodies must demonstrate to be recognized by the CFPB, including openness, transparency, balanced decision-making, consensus, and due process and appeals.
The order recognizes FDX as an industry standard-setting body for five years. The CFPB continues to evaluate other applications for recognition.