This Week in 340B: January 14 – 20, 2025
Find this week’s updates on 340B litigation to help you stay in the know on how 340B cases are developing across the country. Each week we comb through the dockets of more than 50 340B cases to provide you with a quick summary of relevant updates from the prior week in this industry-shaping body of litigation.
Issues at Stake: HRSA Audit Process; Contract Pharmacy; Rebate Model; Other
In one Health Resources and Services Administration (HRSA) audit process case, the government filed a motion to dismiss.
In two HRSA audit process cases, the government filed reply briefs in further support of the government’s motion to dismiss.
A drug manufacturer filed suit against HRSA to challenge HRSA’s disapproval of its proposed rebate model.
A 340B covered entity filed suit against HRSA, alleging that HRSA prevented it from accessing the 340B Program.
A 340B covered entity filed suit against HRSA to challenge HRSA’s determination that certain clinics were not eligible for the 340B program, and, in the same case, the court issued an administrative stay.
In three cases challenging proposed state laws governing contract pharmacy arrangements in Missouri and West Virginia:
MO: Defendants and intervenors separately filed reply suggestions in support of the motion to dismiss.
WV: Plaintiffs in two separate cases filed oppositions to defendants’ motions to consolidate
Matt David, associate in McDermott’s Los Angeles office, also contributed to this blog post.
IRS Roundup January 6 – 10, 2025
Check out our summary of significant Internal Revenue Service (IRS) guidance and relevant tax matters for the week of January 6, 2025 – January 10, 2025.
January 6, 2025: The IRS released Internal Revenue Bulletin 2025-2, which includes Announcement 2025-2. The announcement states that, if finalized, certain portions of proposed regulations on required minimum distributions under Section 401(a)(9) of the Internal Revenue Code (Code) will not apply before the 2026 distribution calendar year.
January 7, 2025: The IRS reminded taxpayers that final 2024 quarterly estimated tax payments are due January 15, 2025.
January 7, 2025: The IRS announced that the IRS Free File Guided Tax Software is now available through eight private-sector partners for taxpayers with adjusted gross income of $84,000 or less in 2024. One partner will offer a product in Spanish.
January 7, 2025: The IRS reminded taxpayers that IRS-certified volunteers are available to help qualified individuals file federal tax returns. Taxpayers can also sign up to volunteer with the Volunteer Income Tax Assistance or Tax Counseling for the Elderly programs.
January 8, 2025: National Taxpayer Advocate (NTA) Erin M. Collins released her 2024 Annual Report to Congress. The report identifies the 10 most serious problems involving taxpayers’ interactions with the IRS and makes administrative and legislative recommendations to address said problems. NTA Collins found overall improvement in the IRS’ service to taxpayers but also acknowledged persistent challenges, including delays in processing Employee Retention Credit claims and resolving Identity Theft Victim Assistance cases.
January 8, 2025: The IRS issued Revenue Ruling 2025-3, which addresses whether Section 530 of the Revenue Act of 1978, Pub. L. No. 95-600, as amended (Section 530) (addressing controversies involving whether individuals are employees for purposes of employment taxes), or the reduced rates of Code Section 3509 apply in five factual situations articulated in the ruling. The ruling also addresses whether the IRS will issue a notice of employment tax determination under Code Section 7436 in these same five situations.
The IRS also issued Revenue Procedure 2025-10 to provide updated guidance regarding the implementation of Section 530.
January 8, 2025: The IRS issued Revenue Procedure 2025-11, which provides the process under Code Section 48E(h) to apply for an allocation of capacity limitation as part of the Clean Electricity Low-Income Communities Bonus Credit Amount Program for 2025 and subsequent years. Receipt of an allocation increases the amount of the clean electricity investment credit determined under Section 48E(a) for the taxable year in which the applicable facility, with which the allocation of capacity limitation is associated, is placed in service. The revenue procedure provides guidance regarding the application process, including application review, documentation requirements, and placed in service reporting requirements. It also provides information on requirements specific to the Additional Selection Criteria application options, including documentation submission requirements, and describes how the capacity limitation will be divided across the facility categories.
January 10, 2025: The IRS announced that individuals and businesses in southern California affected by wildfires and straight-line winds designated by the Federal Emergency Management Agency, including taxpayers in Los Angeles County, now have until October 15, 2025, to file federal individual and business tax returns and make tax payments. The new deadline applies to:
Individual income tax returns and payments normally due April 15, 2025
2024 contributions to individual retirement accounts (IRAs) and health savings accounts
2024 quarterly estimated income tax payments normally due January 15, 2025, and estimated tax payments normally due April 15, June 16, and September 15, 2025
Quarterly payroll and excise tax returns normally due January 31, April 30, and July 31, 2025, among other filings.
Additionally, qualifying individuals and businesses that suffered uninsured or unreimbursed disaster-related losses can choose to claim them on either the return for the year the loss occurred (in this instance, the 2025 return normally filed next year), or the return for the prior year (2024).
The announcement also reminds taxpayers that qualified disaster relief payments are generally excluded from gross income, and that affected taxpayers who participate in a retirement plan or IRA may be eligible to take a special disaster distribution that would not be subject to the additional 10% early distribution tax.
January 10, 2025: The IRS announced that the 2025 tax season will start January 27, 2025. Direct File will open on that date for taxpayers in 25 states. Taxpayers can use the Where’s My Refund? tool within 24 hours of e-filing to check the status of their 2024 income tax refund. Refund information is normally available after four weeks for taxpayers who filed a paper return.
January 10, 2025: The IRS issued Notice 2025-10, announcing forthcoming proposed regulations that will address the clean fuel production credit determined under Code Section 45Z. This credit applies to eligible transportation fuel that is produced domestically after December 31, 2024, and sold by December 31, 2027. The notice also provides draft text for forthcoming proposed regulations and requests public comments.
The IRS also issued Notice 2025-11, providing additional guidance on fuel emissions rates for purposes of the Section 45Z credit and contains the initial emissions rate table described in Code Section 45Z(b)(1)(B)(i).
January 10, 2025: The IRS published final regulations that modify the rules for classifying digital asset transactions. The final regulations also provide rules for the classification of cloud transactions. These rules apply for purposes of the international provisions of the Code and are effective January 14, 2025.
The IRS issued Notice 2025-6 in connection with these final regulations. The notice requests comments on any potential implications if the characterization rules currently contained in Treasury Regulation §§ 1.861-18 and 1.861-19, as amended and added by the 2025 final regulations, are expanded to apply to all provisions of the Code.
January 10, 2025: The IRS issued final regulations that identify certain partnership transactions that trigger basis adjustments under Code Sections 734 and/or 743 as transactions of interest (a type of reportable transaction). Under the final regulations, material advisors and certain participants in these transactions are required to file disclosures with the IRS and are subject to penalties for failure to disclose. The final regulations contain a six-year lookback period and can require disclosure of transactions dating back to January 1, 2019. Additionally, the final regulations contain significant concessions in response to comments supplied to the original proposed version of the regulations. However, in the authors’ view, these concessions do not go nearly far enough, and the IRS may take the position that the final regulations are broad enough to apply to certain commonplace transactions that have little or no resemblance to the apparent abuse that the government seeks to curb.
January 10, 2025: The IRS issued proposed regulations, setting forth guidance for retirement plans that permit participants who reached age 50 to make additional elective deferrals that are catch-up contributions. The proposed regulations reflect statutory changes made by the SECURE 2.0 Act of 2022, including the requirement that catch-up contributions made by certain catch-up eligible participants be designated after-tax Roth contributions. The proposed regulations would affect participants in, beneficiaries of, employers maintaining, and administrators of certain retirement plans.
January 10, 2025: The IRS issued proposed regulations, setting forth guidance on automatic enrollment requirements that apply to retirement plans under Code Sections 401(k) and 403(b). The proposed regulations provide that, unless an employee opts out, a plan must automatically enroll the employee at an initial contribution rate of at least 3% of the employee’s pay and automatically increase the initial contribution rate by one percentage point each year until it reaches at least 10% of pay.
Cal/OSHA COVID-19 Regulation Sunsets February 3, 2025
The last California Division of Occupational Safety and Health (Cal/OSHA) COVID-19 regulation came into effect on February 3, 2023, with provisions scheduled to sunset on February 3, 2025. There have been no further regulatory developments or new regulations adopted, so all but one of the features of the regulation will no longer be in effect for California employers.
Quick Hits
Most of the current Cal/OSHA regulation ends on February 3, 2025.
The only provision of the regulation that remains in effect for another year (until February 3, 2026) is subsection 3205(j), which provides for reporting and recordkeeping including keeping a record of and tracking all COVID-19 cases and retaining any COVID-19 notices.
Section 3205.1 governing outbreaks sunsets completely.
Section 3205.2 and 3205.3 governing employer-provided housing and transportation completely sunset also.
While California employers will want to continue evaluating COVID-19 hazards in the workplace, the specific provisions of the Non-Emergency COVID-19 Standard no longer apply, giving employers increased flexibility in addressing COVID-19 in the workplace. The only continuing recordkeeping requirement is for employers to keep a record of and track all COVID-19 cases with the employee’s name, contact information, occupation, location where the employee worked, the date of the last day at the workplace, and the date of the positive COVID-19 test and/or COVID-19 diagnosis. The record must be retained for an additional two years.
California Labor Code Section 6409.6, which had previously required COVID-19 notices to employees, ended on January 1, 2024. Therefore, the references to issuing notices to employees is no longer valid, and COVID-19 notices are not required. The California Department of Public Health last issued a COVID-19 directive on January 9, 2024, but continues to have authority, if required, to update orders for the state.
Looking Back and Looking Forward: Healthcare Antitrust in a New Administration: What Stays the Same and What Changes?
President Trump was sworn into office on Monday, promising swift action on several fronts. There is already a new Federal Trade Commission (“FTC”) Chair, Andrew Ferguson, with former FTC Chair Lina Khan expected to step down shortly. At the Department of Justice, Antitrust Division (“DOJ”), proposed AAG Gail Slater will need to be confirmed by the Senate before she can take the helm.
Overall, our view is that antitrust enforcement in the new administration will be complicated. However, while the Biden administration has been criticized in some quarters for overreach in antitrust enforcement, there has been bipartisan consensus that certain industries, including Healthcare, have become too concentrated.
Healthcare Antitrust Enforcement Under Biden: Active to the Very End
The Biden administration’s FTC and DOJ were extraordinarily active in the healthcare space, not just bringing enforcement actions against various industry participants (some of which were brought on the literal last business day of the administration), but putting forth new guidance and rules, while withdrawing others. Some examples of the Biden administration’s healthcare-focused antitrust program included:
Merger Enforcement: The Biden FTC and DOJ adopted a stringent approach toward healthcare mergers, challenging transactions that threatened to excessively consolidate market power. This included both horizontal mergers between direct competitors and vertical mergers involving companies at different stages of the supply chain. The agencies were less inclined to settle merger challenges with remedies, often opting to block transactions outright to preserve competition. The administration scrutinized the role of private equity in the healthcare industry, particularly concerning acquisitions that could lead to monopolistic practices.
Conduct Investigations: The administration targeted anticompetitive practices in the healthcare and pharmaceutical industries, including “pay-for-delay” agreements and monopolistic behaviors that kept drug prices high. Notably, the FTC pursued investigations into pharmacy benefit managers (“PBMs”), examining their role in drug pricing and their potential conflicts of interest and releasing a staff interim report in the last few days of the outgoing Biden administration.
Withdrawal of Antitrust Healthcare Policy Statements and other Guidance: The agencies withdrew longstanding healthcare-specific policy statements that provided firms with clear guidance, including explicit safe harbors, about how to engage in certain conduct and transactions in the healthcare industry without running afoul of the antitrust laws. The withdrawal of the policy statements has introduced uncertainty to companies operating in the healthcare space and left them vulnerable to antitrust scrutiny for practices that were previously expressly permitted.
What will Federal Healthcare Enforcement Look Like Now?
Although particular priorities may change between administrations, the prior Trump administration pursued robust antitrust enforcement in the healthcare industry, and there is every reason to believe that the new Trump administration will pick up where the prior one left off. Below, are three specific areas to watch in the new administration:
More Guidance (Please)?: We are curious to see whether the old Healthcare Statements or Antitrust Guidelines for Collaborations Among Competitors (“Collaboration Guidelines”), which are highly relevant to the antitrust analysis of healthcare collaborations and joint ventures, are reinstated or new ones are introduced in this Trump administration. The two Republican FTC commissioners during the Biden administration, including the current new FTC Chair, Andrew Ferguson dissented from the prior decision to withdraw the Collaboration Guidelines and the decision was criticized by many conservative antitrust commentators. Although the healthcare industry will likely remain in the crosshairs for antitrust enforcement, a Trump administration will nonetheless likely be more business friendly and pragmatic in its approach to enforcement and reinstating guidance for industry participants would not be a surprising move for it to take.
“Middlemen” Still the Bogeymen?: We anticipate that the Trump administration will continue investigations into the role of middlemen in the healthcare industry—particularly PBMs—begun under the Biden administration. Trump has previously criticized PBMs for their role in inflating drug prices, and we will likely see continued efforts to investigate these entities, though whether either agency will pursue more novel theories of antitrust harm remains to be seen.
Merger Guidelines: Do they Stay or Do they Go (or Something in Between)?: As we have discussed in a previous post, the FTC and DOJ revised substantially the Merger Guidelines at the end of 2023, which is the substantive framework they use to evaluate whether they consider a proposed transaction to substantially lessen competition under Section 7 of the Clayton Act. While the new Guidelines have been in place for only a year, both Agencies have brought several successful litigations under them. Moreover, while they have been highly controversial, new FTC Chair Andrew Ferguson recently stated, “[o]n the question of, should they be rescinded, reformed, whatever, I don’t think they should be categorically rescinded. I don’t think we should get into a cycle where we are just rescinding guidelines every time the chairmanship changes hands. The guidelines will become useless to everyone if everyone thinks that they just embody the very particular preferences of a particular party.” But he noted in the same interview, “I am open to reforming them.”
CONCLUSION
Although we expect antitrust enforcement trends in healthcare to be broadly consistent between administrations, it is the differences that will be telling as we move forward into the Trump Presidency. And, even were the antitrust agencies to shift their priorities or approach under President Trump, that change would not affect the many states, like California, that have passed new healthcare-focused antitrust laws and implemented aggressive new enforcement regimes in recent years.
Listen to this post
At Long Last, DEA’s Remote Prescribing Rules 2.0 Are (Really) Here! (Pending Further Consideration by the Incoming Administration . . .)
Remote prescribing via telemedicine continues to be a huge area of interest among prescribers and other health care providers.
After publishing a Notice of Proposed Rulemaking (“NPRM”) in March 2023 on the prescribing of controlled substances via telemedicine that was widely criticized for being far more restrictive than temporary waivers then in place under the COVID-19 public health emergency, the Drug Enforcement Administration (“DEA”) went back to the drawing board.
Additional time and a new year has brought renewed focus. Published January 17 in the Federal Register as one NPRM and two final rules (collectively referred to herein as the “DEA’s 2025 Rules”), the DEA’s 2025 Rules seek, as DEA indicates in its press release, to “focus[] on the patient to ensure telemedicine is accessible for medical care.”
Background
The Ryan Haight Online Pharmacy Consumer Protection Act of 2008 (“Ryan Haight Act”) amended the federal Controlled Substances Act (“CSA”) to generally mandate that dispensing controlled substances via the Internet requires a valid prescription, which includes at least one (1) in-person medical evaluation. In conjunction with establishing this general rule, however, the Ryan Haight Act created seven telemedicine exceptions that allow a practitioner to prescribe controlled substances to a patient without an in-person evaluation as long as the practice complies with applicable federal and state laws and meets other specific requirements. These exceptions apply when:
a patient is physically located at a DEA-registered hospital or clinics, and the remote prescribing practitioner is DEA-registered in the state in which the patient is located;
a patient is being treated by a prescribing practitioner, and in the physical presence of a DEA-registered practitioner in the state in which the patient is located;
the prescribing practitioner is an employee or contractor of the Indian Health Service, acting within the scope of the practitioner’s employment, who has been designated an Internet Eligible Controlled Substances Provider by the U.S. Department of Health and Human Services (“HHS”);
the prescribing activity takes place during a public health emergency (“PHE”) declared by HHS under Section 247d of Title 42;
the practitioner has obtained a Special Registration with DEA;
there is a medical emergency that prevents the patient from being in the physical presence of an employee or contractor of the Veterans Health Administration and one of its hospitals or clinics, and immediate intervention by the practitioner using controlled substances is required to prevent injury or death; or
any other circumstances that DEA and HHS have jointly determined to be consistent with effective controls against diversion and otherwise consistent with the public health and safety.
In Epstein Becker Green’s podcast, “The DEA Is Knocking at Your Door…Are You Prepared,” we explained that before the COVID-19 PHE, telemedicine prescribers were required to have at least one in-person visit with a patient before prescribing a controlled substance, with limited exceptions. In response to the PHE, the DEA granted temporary flexibilities to the Ryan Haight Act in an effort to prevent lapses in patient care and which permitted, in certain instances, the prescribing of controlled substances via telemedicine even when there had not been any prior in-person medical evaluation.
The March 2023 NPRM, “Telemedicine Prescribing of Controlled Substances When the Practitioner and the Patient Have Not Had a Prior In-Person Visit” (“2023 Proposed Rule”), received a record number of comments—more than 38,000—causing the agency to reconsider its positions (see our previous post on the 2023 Proposed Rule).
In May 2023, DEA temporarily extended the telemedicine flexibilities issued during the COVID-19 pandemic while sifting through the comments, and in September 2023 hosted public listening sessions to hear publicly from stakeholders. In October 2023, DEA and HHS jointly issued a second temporary extension of these flexibilities through the end of 2024.
More recently, in November 2024, DEA and HHS once again jointly issued a third temporary extension of these flexibilities through the end of 2025. DEA stated in the November 2024 temporary rule that “[t]his additional time will allow DEA (and also HHS, for rules that must be issued jointly) to promulgate proposed and final regulations that are consistent with public health and safety, and that also effectively mitigate the risk of possible diversion.”
In the latest rulemaking, DEA and HHS released the following guidance:
Proposed Rule Regarding Special Registration for Telemedicine Providers and Companies
Final Rule Regarding Access to Buprenorphine Treatment Via Telemedicine
Final Rule Regarding Veterans’ Access to Controlled Substances Via Telemedicine
DEA’s 2025 Rules
In DEA’s 2025 Rules, the agency is proposing the following:
DEA Proposed Rule Regarding Special Registration for Telemedicine Providers and Companies
DEA is proposing, in a Notice of Proposed Rulemaking, to establish a Special Registration process that will permit patients to receive prescribed controlled substance medications via telemedicine encounters without requiring the prescribing provider to conduct an in-person medical evaluation (the “Special Registration Proposed Rule”). The Special Registration Proposed Rule aims to expand patient access to controlled substances through telemedicine, while balancing the need to prevent misuse and diversion. Through the Special Registration Proposed Rule, the DEA seeks to modernize regulations, provide continuity for telemedicine-based care following the COVID-19 PHE, and align regulations with statutory requirements under federal law. The Special Registration Proposed Rule would implement requirements for registration, heightened prescription standards, recordkeeping, and state-level compliance, aiming to create a robust structure that supports the safe expansion of telemedicine. However, the Special Registration requirements would not apply to the practice of telemedicine authorized under the Ryan Haight Act, including buprenorphine treatment via telemedicine encounter and continuity of care via telemedicine for Veterans Affairs patient, as addressed by the new final rules discussed in further detail below.
In the Special Registration Proposed Rule, DEA has outlined not one, but three separate types of registrations that would be available:
A Telemedicine Prescribing Registration, which would be available to health care providers who, as part of their treatment plans for patients, need the ability to prescribe Schedule III through V controlled substances;
An Advanced Telemedicine Prescribing Registration, available for certain health care providers who are board certified in specific specialties, including psychiatry, and who need the ability to prescribe Schedule II controlled substances;
A Telemedicine Platform Registration, which would establish a new requirement applicable to telemedicine companies—specifically, the online platforms that facilitate connections between patients and health care providers that may result in the prescribing of these medications.
The different types of Special Registrations would make it possible for health care providers with prescribing authority—both physicians and non-physician practitioners—and the telemedicine companies that support the industry’s infrastructure to apply for one or more of these registrations in order to prescribe controlled substances via telemedicine without the need for an in-person evaluation of the patient.
As part of the Special Registration Proposed Rule, the DEA also would require the creation of a national prescription drug management program (“PDMP”) to provide greater visibility into a patient’s prescribed medication history for both prescribing providers and pharmacists. Regardless of the type of registration a provider or telemedicine company holds, the DEA would be establishing the added requirement of the provider or company needing to verify “the identity of the patient and [completing] a nationwide [PDMP] check of all 50 states and any U.S. district or territory that maintains its own PDMP.”[1]
Other highlights in the Special Registration Proposed Rule include:
Requiring, for prescriptions of Schedule II controlled substances: (a) that special registrants be physically located in the same state as the patient when prescribing the Schedule II medication via telemedicine; and (b) that telemedicine prescriptions of Schedule II controlled substances must, on average, make up “less than 50 percent of the total number of Schedule II prescriptions issued by the clinician special registrant in their telemedicine and non-telemedicine practice in a calendar month.”[2]
Requiring, with certain but limited exceptions, that special registrants use audio and video capabilities when prescribing controlled substances via telemedicine, regardless of whether the provider-patient encounter is an initial or follow-up visit.[3]
Requiring, during any initial visits between a special registrant and a patient, that a photo of the patient presenting federal or state identification is captured, as a means for confirming the patient’s identity.[4]
Requiring special registrants to maintain a State Telemedicine Registration for every state in which a patient is treated by the special registrant, subject to limited exceptions (g., the special registrant is an officer of the U.S. Armed Forces, the Public Health Service, or the Bureau of Prisons authorized to prescribe, or an employee or contractor of the U.S. Department of Veterans Affairs). The State Telemedicine Registration would be issued by the DEA, not the states, and function as an ancillary credential, contingent on the type of special registration held by the special registrant, and the special registrant’s authorization under state laws and rules to prescribe controlled substances within that state.[5]
The DEA has requested public comments on the Special Registration Proposed Rule, due no later than March 16, 2025.
Final Rule Regarding Access to Buprenorphine Treatment Via Telemedicine
Under this DEA and HHS final rule, effective February 18, 2025, the Departments are expanding access to buprenorphine treatment via telemedicine encounters (the “Buprenorphine Telemedicine Prescribing Final Rule”).
As background, during the COVID-19 PHE, when the DEA issued a waiver to temporarily loosen many of the restrictions on telemedicine prescribing controlled substances, the use of telemedicine prescribing for buprenorphine expanded dramatically as a means of treatment for patients with opioid use disorder (“OUD”).
The Buprenorphine Telemedicine Prescribing Final Rule diverges significantly from the 2023 Proposed Rule and codifies and extends many of the telemedicine flexibilities allowed during the pandemic with respect to treatment of patients with OUD. This will not only ensure continuity of care for patients who initiated buprenorphine treatment via telemedicine during the PHE, but also will allow new patients to access the same treatment without requiring an initial in-person visit.
Under the Buprenorphine Telemedicine Prescribing Final Rule, health care providers may prescribe buprenorphine for the treatment of OUD via a telemedicine encounter, including an audio-only telemedicine encounter, for up to six (6) months. To continue a patient’s treatment beyond six (6) months, the patient either can obtain an in-person medical evaluation or pursue other forms of telemedicine that are authorized under the Controlled Substances Act. Thus, this final rule permits patients to continue to receive telemedicine prescriptions for buprenorphine without ever receiving an in-person visit, as long as the patient visits conform to existing requirements for telemedicine modalities including audio-visual telemedicine, asynchronous telemedicine (store-and-forward), or remote patient monitoring.
Key requirements for providers to prescribe under the Buprenorphine Telemedicine Prescribing Final Rule include that the provider must be registered by the DEA to prescribe controlled substances, and the provider must review the patient’s prescription drug monitoring program data for the state in which the patient is located during the telemedicine visit. The Buprenorphine Telemedicine Prescribing Final Rule also adds a new requirement not included in the proposed rule that the dispensing pharmacist must verify the patient’s identity prior to filling the prescription.
In response to public comments DEA and HHS received regarding the 2023 Proposed Rule, the Buprenorphine Telemedicine Prescribing Final Rule significantly reduces or eliminates several of the barriers under the proposed rule that were most heavily criticized. In particular:
30-Day Supply: The 2023 Proposed Rule would have allowed only a thirty (30) day supply of buprenorphine to be prescribed via telemedicine before an in-person encounter would need to take place. Public comments to the 2023 DEA Proposed Rule argued that this short window vitiated the purpose of the statutory exception and was insufficient to meaningfully increase access to OUD treatment.
In-Person Assessment to Continue Treatment: The 2023 Proposed Rule would have required patients to obtain an in-person assessment at the end of the initial prescribing period in order to continue treatment. This requirement meant that access would not have materially improved for the large number of people in rural and underserved areas or who otherwise face barriers to accessing in-person treatment.
Recordkeeping: The 2023 Proposed Rule would have required providers to comply with a variety of record-keeping requirements, including maintaining a record of whether the encounter was conducted via audio-visual or audio-only means, why the patient chose an audio-only telemedicine encounter, and maintaining copies of all qualifying telemedicine referrals. These requirements would have increased the administrative burden of offering telemedicine services.
The Buprenorphine Telemedicine Prescribing Final Rule dramatically expands access to those who are seeking OUD treatment, allowing these patients to participate in a sustained program of treatment with buprenorphine by extending the prescribing period to six (6) months, allowing patients who initiate treatment via audio-only telemedicine to continue treatment via other forms of telemedicine without an in-person assessment, and eliminating some of the burdensome recordkeeping requirements.
DEA Final Rule Regarding Veterans’ Access to Controlled Substances Via Telemedicine
Under this DEA and HHS final rule, entitled “Continuity of Care via Telemedicine for Veterans Affairs Patients,” the Departments finalized parts of the 2023 Proposed Rule that specifically pertain to U.S. Department of Veterans Affairs (“VA”) practitioners and the VA patients they serve (the “VA Telemedicine Prescribing Final Rule”). This rule becomes effective February 18, 2025.
The VA Telemedicine Prescribing Final Rule will allow VA practitioners acting within the scope of their VA employment and professional practice to prescribe controlled substances via telemedicine to VA patients with whom they have not conducted an in-person medical evaluation, provided that another VA practitioner has previously conducted an in-person medical evaluation with the same patient. Practically speaking, this means that once a VA patient has received an in-person medical examination from a VA practitioner, the ongoing practitioner-patient relationship—including the ability to prescribe controlled substances—can be extended to all VA practitioners who engage with that patient via telemedicine.
The VA Telemedicine Prescribing Final Rule includes certain conditions that are similar to some being proposed in the Special Registration Proposed Rule. For example, VA practitioners will be required under the VA Telemedicine Prescribing Final Rule, prior to issuing a prescription via telemedicine for any Schedule II through V controlled substances, to review both the patient’s electronic medical record with the VA and the PDMP data for the state in which the VA patient is located at the time of the telemedicine encounter—provided the state has such data—to confirm the history of prescriptions for controlled substances that have been issued to the patient.
DEA states in the VA Telemedicine Prescribing Final Rule that the agency’s basis for creating a separate, VA-specific rule has been done in response to “the evolving landscape of the healthcare needs of VA patients, advancements in telemedicine, and DEA’s capacity to implement safeguards that protect against potential misuse.”[6] DEA describes its intended approach as being responsive to and possible because of the specialized health care needs of veterans and the unique structure of the VA health care system. The VA Telemedicine Prescribing Final Rule will ensure that veterans have more consistent and flexible access to care, regardless of their geographic location, while still maintaining oversight and continuity of care through the VA system.
Regulatory Freeze Pending Review
As anticipated, in connection with the transition between Administrations, President Donald Trump implemented a “regulatory freeze” by memorandum issued on January 20, 2025. The freeze applies differently depending on whether or not a rule (including a NPRM) has been published in the Federal Register – contrasted with rules not yet submitted, or rules submitted to the Office of the Federal Register, but not yet published. For rules that have been published to the Federal Register, such as the DEA’s 2025 Rules, the White House requires executive departments and agencies to “consider postponing” the rule’s effective date until at least March 21, 2025 (sixty (60) days from the issuance of the memorandum), to allow review of any questions of fact, law, and/or policy raised by the rule, and to “consider opening” a comment period for stakeholders to comment on those questions. Executive agencies are also directed to “consider reevaluating” pending petitions involving such rules, which may result in effective dates being further delayed beyond the 60-day period.
As directly applicable here, the two final rules, as published in the Federal Register, are set to be effective February 18, 2025. The comment period for the NPRM ends March 16, 2025. What exactly happens next, and on what timeline, depends on how the DEA administrator exercises the agency’s discretion to “consider postponing” the DEA’s 2025 Rules. In the meantime, DEA registered prescribers can continue operating under the telemedicine prescribing flexibilities issued during COVID-19 (though December 31, 2025).
Takeaways
The DEA’s 2025 Rules offer, on the one hand, clarity that many practitioners and telemedicine companies have been eagerly awaiting in the wake of the PHE. However, the DEA’s 2025 Rules also suggest that the industry has its work cut out for it.
Telemedicine providers and companies should begin preparing for the potential regulatory changes that would be imposed by the Special Registration Proposed Rule. Although the rulemaking process may be delayed because of the recent regulatory freeze issued by the Trump Administration, it is never too early to begin thinking about the related operational changes and administrative oversight that may be required to obtain the applicable registration(s).
In the case of the final rules regarding buprenorphine prescribing and veterans, telemedicine providers must begin making plans for how to achieve operational compliance, though the effective date of such regulations may also be delayed.
Epstein Becker Green Attorneys Ann W. Parks and Erin Sutton contributed to the preparation of this post.
ENDNOTES
[1] 90 Fed. Reg. 6541, 6543 (Jan. 17, 2025).
[2] Id. at 6556.
[3] Id. at 6554. Note that the Expansion of Buprenorphine Treatment via Telemedicine Encounter final rule allows an exception for buprenorphine and other controlled substances used to treat opioid use disorder, discussed in more detail below.
[4] Id. at 6557.
[5] Id. at 6551.
[6] 90 Fed. Reg. 6523, 6527 (Jan. 17, 2025).
CFPB’s Recent Rule Eliminates Medical Debt from Credit Reports
On January 7, 2025, the Consumer Financial Protection Bureau (“CFPB”) published a final Rule (the “Rule”) that prohibits consumer reporting agencies from including individuals’ medical debt on consumer credit reports.
The CFPB states that this Rule, which amends Regulation V of the Fair Credit Reporting Act, aims to ease financial burdens placed on individual consumers seeking loans by preventing medical debt from negatively impacting credit scores. Additionally, the Rule prohibits creditors from considering consumer medical debt information in credit eligibility determinations and decisions.
The Rule has been published in the Federal Register and is scheduled to become effective March 17, 2024. A recent Executive Order, however, may delay or impact whether the Rule is implemented and, if it is implemented, the timing of when the Rule becomes effective.
The Rule is currently facing at least two legal challenges. In ACA International, et al. v. Consumer Financial Protection Bureau, et al., which was filed in the U.S. District Court for the Southern District of Texas, and Cornerstone Credit Union League, et al. v. Consumer Financial Protection Bureau, et al., which was filed in the U.S. District Court for the Eastern District of Texas, plaintiffs allege that the CFPB has overstepped its rulemaking authority, which is the ultimate duty of Congress. In both actions, the plaintiffs also argue that the consequences of excluding medical debt in credit reporting could impede on the accuracy of credit reporting systems and make it more difficult to determine individuals’ creditworthiness. Additionally, the plaintiffs in ACA state that the Rule will ultimately harm the medical field by failing to hold individuals fully responsible for medical bills that support doctors, nurses, and hospitals.
While lenders and individuals should continue to monitor this change, they should also be aware of states and other local jurisdictions that have already imposed restrictions on credit reporting as it relates to medical debt. For example, under New York’s Fair Medical Debt Reporting Act, hospitals, health care providers and ambulance services are prohibited from reporting, either directly or indirectly, medical debt information to consumer reporting agencies.
DEA Unveils Long-Overdue Special Registration for Telemedicine in Proposed Rule
In the final days of the Biden administration, the Drug Enforcement Administration (DEA) released a proposed rule that would allow practitioners with a Special Registration to prescribe Schedule III-V, and in limited circumstances Schedule II, controlled substances via telemedicine.
Practitioners with a Special Registration would still need to obtain a DEA registration in each state where they prescribe or dispense controlled substances. However, the proposed rule establishes a limited, less expensive State Telemedicine Registration as an alternative to the traditional DEA registration. The proposed rule imposes several obligations on practitioners with Special Registrations when they prescribe controlled substances via telemedicine. Of note, practitioners would need to be located in the same state as the patient at the time of the encounter when issuing a Schedule II controlled substance prescription, and the average monthly number of Schedule II controlled substances prescribed via telemedicine would need to be limited to less than 50% of the practitioner’s total Schedule II prescriptions (including both telemedicine prescriptions and non-telemedicine prescriptions).
If finalized, the Special Registration process would provide an alternative pathway for practitioners to prescribe controlled substances via telemedicine if the DEA telemedicine prescribing flexibilities currently in place through December 31, 2025, expire. We provide a summary of some of the key provisions of the proposed rule below.
Definitions
The proposed rule introduces several new definitions, some of which include:
Clinician practitioner — an individual practitioner who provides direct patient care or assesses, diagnoses, or treats medical conditions.
Platform practitioner — a covered online telemedicine platform that dispenses controlled substances by virtue of its central involvement as an intermediary in the remote prescribing of controlled substances by an individual practitioner. Platform practitioners are subject to the requirements imposed upon non-pharmacist practitioners under the Controlled Substances Act, 21 U.S.C. Sections 801-904, and its regulations.
Covered online telemedicine platform — an entity that facilitates connections between patients and clinician practitioners, via an audio-video telecommunications system, for the diagnosis and treatment of patients that may result in the prescription of controlled substances, but is not a hospital, clinic, local in-person medical practice, or insurance provider, and meets one or more of the following criteria:
The entity explicitly promotes or advertises the prescribing of controlled substances through the platform;
The entity has financial interests, whether direct incentives or otherwise, tied to the volume or types of controlled substance prescriptions issued through the platform, including but not limited to, ownership interest in pharmacies used to fill patients’ prescriptions, or rebates from those pharmacies;
The entity exerts control or influence on clinical decision-making processes or prescribing related to controlled substances, including, but not limited to: prescribing guidelines or protocols for clinician practitioners employed or contracted by the platform; consideration of clinician practitioner prescribing rates in the entity’s hiring, retention, or compensation decisions; imposing explicit or de facto prescribing quotas; directing patients to preferred pharmacies; and/or
The entity has control or custody of the prescriptions or medical records of patients who are prescribed controlled substances through the platform.
Special Registrations
Categories and Eligibility
The proposed rule establishes the following categories of Special Registrations and eligibility requirements:
Telemedicine Prescribing Registration: This registration would allow clinician practitioners to prescribe Schedule III-V controlled substances.
Clinician practitioners would need to demonstrate a legitimate need for the registration.
Physicians, nurse practitioners, physicians, and other mid-level practitioners defined under 21 C.F.R. § 1300.01 (“mid-level practitioners”) would have a legitimate need to prescribe Schedule III-V controlled substances if they expect to treat patients for whom in-person exams would be burdensome.
Examples include patients who experience severe weather conditions, live in remote or distant areas, or have communicable diseases.
Advanced Telemedicine Prescribing Registration: This registration would allow certain specialized clinician practitioners to prescribe Schedule II-V controlled substances.
Specialized clinician practitioners would need to demonstrate a legitimate need for the registration and justify the additional authorization to prescribe Schedule II medications. These practitioners would need to provide information demonstrating their specialized training on their Special Registration application.
Specialized physicians and board-certified mid-level practitioners would have a legitimate need to prescribe Schedule II-V controlled substances when treating vulnerable patient populations. This includes individuals who face significant barriers to accessing care and who suffer from debilitating or terminal illnesses.
Only specialized physicians and board-certified mid-level practitioners in the following limited circumstances or practice specialties are eligible:
Psychiatrists;
Hospice care physicians;
Palliative care physicians;
Practitioners rendering treatment at long-term care facilities;
Pediatricians;
Neurologists; and
Mid-level practitioners and physicians from other specialties who are board certified in the treatment of psychiatric or psychological disorders, hospice care, palliative care, pediatric care, or neurological disorders unrelated to the treatment and management of pain.
Telemedicine Platform Registration: This registration would allow covered online telemedicine platforms to dispense Schedule II-V controlled substances through a clinician practitioner who holds a Telemedicine Prescribing Registration or Advanced Telemedicine Prescribing Registration (i.e., a platform practitioner).
Covered online telemedicine platforms would need to demonstrate a legitimate need for the registration.
Covered online telemedicine platforms, in their capacity as platform practitioners, would have a legitimate need to dispense Schedule II-V controlled substances when they:
Expect to provide necessary services that connect patients with clinician practitioners via telemedicine for the diagnosis, treatment, and prescription of controlled substances;
Comply with federal and state regulations;
Oversee the clinician practitioner’s prescribing practices; and
Implement safeguards to prioritize patient safety and prevent diversion, abuse, or misuse of controlled substances.
Platform practitioners would need to attest to their legitimate need on their Special Registration application.
Special Registration numbers would be formatted distinctly, allowing pharmacists to easily differentiate between practitioners with a Special Registration and those with a traditional DEA registration.
Application Requirements
In the proposed rule, the DEA outlines several Special Registration application requirements. Notably, applicants would need to provide a physical address as their registered location, and platform practitioners would need to disclose all employment relationships, contractual relationships, and professional affiliations with any clinician practitioner with a Special Registration and online pharmacy.
State Telemedicine Registration
In addition to a Special Registration, clinician practitioners and platform practitioners, unless exempt, would still need to obtain a DEA registration in each state in which they intend to prescribe or dispense controlled substances to patients via telemedicine. However, in lieu of the traditional DEA registration, the proposed rule establishes a limited State Telemedicine Registration, which would be less expensive for clinician practitioners. The proposed fee is $50 for clinician practitioners, reflecting a significant reduction from the cost of a traditional DEA registration, and $888 for platform practitioners, which matches the cost of a traditional DEA registration. Similar to Special Registrations, State Telemedicine Registration numbers would be formatted distinctly, allowing pharmacists to easily differentiate between practitioners with a State Telemedicine Registration and those with a traditional DEA registration.
Requirements of the Proposed Rule
Telehealth Modality
Similar to the final rule regarding telemedicine prescribing of buprenorphine, practitioners would be permitted to prescribe Schedule III-V controlled substances approved by the U.S. Food & Drug Administration to treat opioid use disorder via telemedicine (currently limited to buprenorphine) through an audio-only visit. (See our discussion on the DEA’s final buprenorphine rule here.) Audio-only visits would only be permitted if the practitioner has the capability to use audio-video, but the patient is either unable to use video or does not consent to it. However, unlike the final buprenorphine rule, treatment would need to be initiated through an audio-video visit, and the practitioner would need to have conducted at least one medical exam of the patient via audio-video. Prescriptions not meeting the criteria described above would only be able to be issued through an audio-video visit.
Schedule II Controlled Substances
Practitioners would only be permitted to prescribe Schedule II controlled substances via telemedicine if they are physically located in the same state as the patient at the time of the encounter when the prescription is issued. Additionally, the number of Schedule II controlled substances prescribed via telemedicine, averaged monthly, would be limited to less than 50% of the practitioner’s total Schedule II prescriptions (including both telemedicine prescriptions and non-telemedicine prescriptions).
PDMP Check
Effective immediately, if the proposed rule is finalized, practitioners with a Special Registration would need to check the patient’s controlled substance prescription data in Prescription Drug Monitoring Programs (PDMPs) of certain jurisdictions before issuing a prescription for controlled substances via telemedicine. The practitioner would need to review the PDMPs for any controlled substance prescriptions issued to the patient within the last year, or, if less than a year is available, for the entire available period. The relevant jurisdictions include:
The state where the patient is located;
The state where the practitioner is located; and
Any U.S. jurisdiction with PDMP reciprocity agreements with either of the states above.
Three years after the effective date, before issuing a prescription for controlled substances via telemedicine, practitioners with a Special Registration would need to check the PDMPs of all U.S. jurisdictions for controlled substance prescriptions issued to the patient within the last year, or, if less than a year is available, for the entire available period. If there is no means to perform this nationwide PDMP check, the practitioner would continue performing the PDMP checks as described above. We note that there is currently no nationwide PDMP database in operation.
Additional Requirements and Commentary
The proposed rule also:
Sets forth certain recordkeeping, patient identification verification, reporting, prescription, and e-prescribing requirements for those with Special Registrations;
Notes that practitioners with Special Registrations would need to be located within the U.S. when issuing a prescription via telemedicine and would need to still comply with any applicable state requirements and restrictions regarding prescribing controlled substances;
Emphasizes that once an in-person medical exam has been conducted, the practitioner and patient would no longer be considered to be engaged in the practice of telemedicine, and the requirements of the proposed rule would not apply; and
Establishes reporting requirements for pharmacies filling Special Registration prescriptions.
A Brief History
The rule stems from the Ryan Haight Act, which amended the Controlled Substances Act to restrict practitioners from prescribing controlled substances unless the practitioner conducts an in-person examination of the patient. The Controlled Substances Act also requires practitioners obtain a separate DEA registration in each state where their patients are located. The Ryan Haight Act (at 21 U.S.C. § 802(54)) outlines seven exceptions under which practitioners may prescribe controlled substances via telemedicine without an in-person exam, one of which involves practitioners who have obtained a special registration. Congress expected the DEA to issue the special registration rule shortly after the Ryan Haight Act was signed into law in 2008. After years of DEA failing to do so, Congress and the White House signed the SUPPORT Act of 2018, a federal law that mandated DEA promulgate the special registration rule by October 2019.
During the COVID-19 Public Health Emergency (PHE), the DEA issued letters on March 25, 2020, and March 31, 2020, granting temporary exceptions to the Ryan Haight Act and its implementing rules that enabled DEA-registered practitioners to prescribe controlled substances without an in-person exam and with a DEA registration in only one state. In March 2023, two months before the end of the PHE, the DEA proposed a rule on telemedicine prescribing of controlled substances, but the rule did not include a special registration framework and was not favorably-viewed. In response, the DEA quickly rescinded the proposed rule and extended the COVID-era flexibilities in May 2023 and again in October 2023. In June 2024, the DEA submitted a special registration rule for Office of Management and Budget clearance that was so unworkable for stakeholders that it was not published. Instead, the flexibilities were further extended in November 2024, and are now set to expire on December 31, 2025. (For more details, see our previous discussions on the DEA’s proposed rules for telemedicine prescribing of controlled substances and the first, second, and third temporary rules extending COVID-era flexibilities.)
Make Your Voice Heard
The DEA is soliciting comments until 11:59 p.m. ET March 18, 2025. Stakeholders may submit comments electronically here or via regular or express mail to the following address:
Drug Enforcement AdministrationAttn: DEA Federal Register Representative/DPW8701 Morrissette Drive, Springfield, VA 22152
All correspondence, including attachments, must include a reference to “Docket No. DEA-407”.
Additionally, those with concerns about the proposed rule can share their feedback by contacting their local Congressperson or the White House.
What Comes Next
With the widespread frustration that met the March 2023 and June 2024 versions of this rule, there is little chance that the proposed rule will be finalized close to its current form. A key point of contention for stakeholders in the proposed rule is the nationwide PDMP check requirement, which is seen as overly burdensome given the absence of a nationwide PDMP database — a burden the DEA continues to underestimate. However, the future of the Special Registration is unclear due to the change in administration and potentially changing priorities and approaches.
President Trump’s first round of executive orders included a regulatory freeze. However, the Regulatory Freeze Pending Review Executive Order does not affect the proposed rule. To influence the direction of the proposed rule, ATA Action has urged President Trump to prioritize the immediate withdrawal of it. If the proposed rule undergoes another set of revisions and round of notice-and-comment rulemaking, it is unlikely that practitioners will have access to a special registration in 2025. Without a special registration process this year, another extension of the DEA telemedicine flexibilities will be crucial. We will continue to closely monitor any developments regarding the special registration process.
California AG Issues Legal Advisories on the Application of California Law to the Use of AI
On January 13, 2025, California Attorney General Rob Bonta issued two legal advisories on the use of AI, including in the healthcare context. The first legal advisory (“AI Advisory”) advises consumers and entities about their rights and obligations under the state’s consumer protection, civil rights, competition, and data privacy laws with respect to the use of AI, while the second (“Healthcare AI Advisory”) provides guidance specific to healthcare entities about their obligations under California law regarding the use of AI.
The AI Advisory notes that businesses have existing obligations with respect to their use of AI under existing California law, including the California Consumer Privacy Act of 2018, the California Invasion of Privacy Act, the Student Online Personal information Protection Act and the Confidentiality of Medical information Act.
The AI Advisory also notes the applicability of recently passed AI laws (with effective dates in 2025 and 2026) to businesses’ use of AI, including laws providing:
disclosure requirements for businesses (e.g., regarding training data used in AI models, AI-generated telemarketing, detection tools for content created by generative AI);
contractual and consent requirements relating to the unauthorized use of likeness in the entertainment industry and other contexts;
disclosure and content removal requirements relating to the use of AI in election and campaign materials;
prohibition of and reporting requirements related to exploitative uses of AI (i.e., child pornography, nonconsensual pornography using deepfake technology, sexually explicit digital identity theft); and
supervision requirements for use of AI tools in healthcare settings.
The Healthcare AI Advisory provides guidance specific to healthcare providers, insurers, vendors, investors and other healthcare entities about their obligations with respect to their use of AI under California law, including:
health consumer protection laws (e.g., prohibition on unlawful, unfair or fraudulent business acts or practices; professional licensing standards and other prohibitions relating to the practice of medicine by non-human entities; requirements relating to management of health insurance);
anti-discrimination laws (e.g., requirements relating to protected classifications); and
patient privacy and autonomy laws (e.g., use and disclosure of patient data, confidentiality of patient data, patient consent, patient rights).
The Healthcare AI Advisory emphasizes the importance of taking proactive steps to comply with existing California law, even as additional AI laws and regulations are anticipated, given the potential risk of harm to patients, healthcare systems and public health.
President Trump’s “Rescission” Executive Order
Among the executive orders issued by President Trump on January 20, 2025, was one titled Initial Rescissions of Harmful Executive Orders and Actions (the “Order”).
The Order’s stated purpose is to retract what it describes as the “deeply unpopular” and “radical” practices of President Biden. The Order specifically calls out the “injection of diversity, equity and inclusion” and states that such measures have corrupted our institutions by replacing “hard work, merit and equality.”
With that as preface, the Order goes on to list numerous prior executive orders that it is specifically revoking. Among them are:
Executive Order 13985 of January 20, 2021 (Advancing Racial Equity and Support for Underserved Communities Through the Federal Government);
Executive Order 13988 of January 20, 2021 (Preventing and Combating Discrimination on the Basis of Gender Identity or Sexual Orientation);
Executive Order 13993 of January 20, 2021 (Revision of Civil Immigration Enforcement Policies and Priorities);
Executive Order of 13999 of January 21, 2021 (Protecting Worker Health and Safety); Executive Order 14020 of March 8, 2021 (Establishment of the White House Gender Policy Council);
Executive Order 14031 of May 28, 2021 (Advancing Equity, Justice, and Opportunity for Asian Americans, Native Hawaiians, and Pacific Islanders);
Executive Order 14055 of November 18, 2021 (Nondisplacement of Qualified Workers under Service Contracts); and
Executive Order 14075 of June 15, 2022 (Advancing Equality for Lesbian, Gay, Bisexual, Transgender, Queer, and Intersex Individuals) among many others.
The White House also issued an Inauguration Day executive order titled Defending Women from Gender Ideology Extremism and Restoring Biological Truth to the Federal Government (“Order 2”) which states that it is the policy of the United States to recognize two sexes, male and female, as defined therein. Under Order #2, gender identity shall no longer have a place in any decision-making nor in determinations associated with access to bathrooms, programs, housing or other federally supported operations.
Pursuant to Order 2, laws and practices shall refer to only “sex” and not “gender,” and sex is deemed to be determined biologically at the time of conception: male or female. Order 2 additionally directs all agency heads to rescind all contrary guidance and to report an update on the implementation Order 2’s requirements within 120 days. In contradiction with Guidance issued by the Equal Employment Opportunity Commission, Order 2 requires all agencies to “give the terms “sex”, “male”, “female”, “men”, “women”, “boys” and “girls” the meanings set forth in section 2 of [Order 2] when interpreting or applying statutes, regulations, or guidance and in all other official agency business, documents, and communications.”
As described above, many of these now-revoked Executive Orders involve equal opportunity for individuals based on race, gender, gender identity, and sexual orientation. While these orders have been revoked, both state and federal laws continue to prohibit discrimination on the basis of these characteristics. In fact, the United States Supreme Court in 2020 recognized that Title VII protects employees from discrimination on the basis of sexual orientation and gender identity. See Bostock v. Clayton County, 140 S. Ct. 1731. As the Supreme Court specifically stated in Bostock, “The statute’s message for our cases is equally simple and momentous: An individual’s homosexuality or transgender status is not relevant to employment decisions. That’s because it is impossible to discriminate against a person for being homosexual or transgender without discriminating against that individual based on sex.”
Therefore, employers should continue to enforce their policies prohibiting discrimination, including in accord with the Bostock decision.
DOJ Announces False Claims Act Settlements, Judgments Top $2.9 Billion in 2024
Highlights
FCA settlements and judgments exceeded $2.9 billion in FY 2024
Healthcare fraud remained a leading source of FCA settlements and judgments, with over $1.67 billion of the $2.9 billion recovered relating to matters involving the healthcare industry
Among the government’s top enforcement priorities for FY 2024 were the opioid epidemic and Medicare Advantage matters
On Jan. 15, 2025, the U.S. Department of Justice (DOJ) announced False Claims Act (FCA) settlements and judgments exceeded $2.9 billion in the fiscal year (FY) ending Sept. 30, 2024. According to the DOJ, the government and whistleblowers were party to 558 settlements and judgments, while whistleblowers filed 979 qui tam lawsuits, the highest number ever filed in a single year.
Recoveries in whistleblower lawsuits totaled more than $2.4 billion, comprising around 83 percent of all FCA recoveries in FY 2024.
In comparison, FY 2023 settlements and judgments totaled just $2.68 billion based on 543 settlements and judgments. Approximately $2.3 billion of that was derived from whistleblower lawsuits – a number just shy of FY 2024’s.
Matters pertaining to the healthcare industry comprised the largest portion of FCA FY 2024 settlements and judgments. Recoveries for healthcare-related matters totaled over $1.67 billion, making up around 58 percent of all recoveries in FY 2024. Notably, this portion marks a slight decrease from FY 2023’s healthcare-related recoveries, which totaled $1.8 billion (approximately 68 percent of total FCA settlements and judgments). These matters involved a variety of healthcare defendants, including managed care providers, hospitals, clinics, pharmacies, pharmaceutical companies, laboratories, and physicians.
Enforcement Priorities
In conjunction with its release of FCA enforcement data, the DOJ highlighted the opioid epidemic, unnecessary services, substandard care, Medicare Advantage, unlawful kickbacks, Stark Law violations, and COVID-19 related fraud as specific enforcement priorities.
Illustrating these priorities, the most notable FCA recoveries from the past year include:
Opioid Epidemic: A now-bankrupt pharmaceutical company agreed the United States retained a claim in the bankruptcy of $475.6 million related to allegations of marketing an opioid drug to high-volume prescribers, including prescribers that the company knew were prescribing the opioid drug for non-medically accepted uses.
Unnecessary Services and Substandard Care: A healthcare system and 12 affiliated skilled nursing facilities agreed to pay $21.3 million to resolve allegations that they knowingly billed federal healthcare programs for therapy services that were unreasonable, unnecessary or unskilled, or did not occur as billed.
Medicare Advantage Matters: A primary care chain paid $60 million to resolve allegations that it paid kickbacks to third-party insurance agents in exchange for recruiting seniors to primary care clinics.
Unlawful Kickbacks and Stark Law Violations: A biopharmaceutical research service provider agreed to pay over $5 million to resolve allegations that it made millions of dollars of commission payments to independent-contractor marketers to induce the marketers to recommend providers refer clinical laboratory orders to the company.
COVID-19-Related Fraud: A Georgia laboratory owner and the clinical laboratory he owned paid $14.3 million to resolve allegations that they paid kickbacks to independent contractor sales representatives to recommend respiratory pathogen panel tests to senior communities interested only in COVID-19 tests.
The DOJ also reported other notable healthcare fraud enforcement actions from the past year, including a national pharmacy chain’s multimillion-dollar settlement to resolve allegations related to failures to report drug rebates to the Medicare program.
Takeaways
Healthcare fraud continues to be a leading focus of the DOJ’s enforcement efforts. This continued focus reflects the government’s commitment to addressing fraudulent activities across various sectors of the healthcare industry. The record-breaking number of qui tams demonstrates the willingness of whistleblowers to pursue FCA claims without the government’s assistance. To minimize potential liability under the FCA, entities in the healthcare industry should consider prioritizing compliance reviews of policies surrounding the government’s enforcement priorities discussed above.
For a robust analysis of the most notable FCA developments of 2024, please reference Barnes & Thornburg’s 2024 Healthcare Enforcement and Compliance Report, set to be released in early 2025. Addressing FCA developments, enforcement trends, civil and criminal actions, industry guidance and government policy updates, the 2023 Healthcare Enforcement and Compliance Report was released earlier this year.
Healthcare Preview for the Week of: January 21, 2025 [Podcast]
First Official Week of Trump 2.0
President Trump officially began his second term yesterday. He briefly discussed healthcare in his first inaugural speech, committing to tackle chronic disease and keep children safe, healthy, and disease free. He also signed several executive orders, with fewer than expected directly focusing on healthcare on day one.
It is important to note that executive orders generally are not immediately effective; rather, they initiate a longer process and require additional steps before they can be enforced. Executive orders generally signal values and future plans, but they can be challenged in court. Thus, we need to be precise when looking at executive orders and their potential implications.
Yesterday, President Trump used executive orders to rescind several Biden-era policies, including some related to diversity, equity, and inclusion; climate; and the COVID-19 pandemic. He also issued an order to begin the process of withdrawing the United States from the World Health Organization, referencing the organization’s “mishandling” of COVID-19. This process could take up to a year to go into effect.
President Trump also revoked President Biden’s 2022 executive order on lowering prescription drug costs. This revocation did not stop prescription drug pricing initiatives that are moving forward at the Center for Medicare and Medicaid Innovation, but we’ll need to watch closely any next steps that may stem from it.
President Trump also ordered federal employees to return to in-office work full time, limited the release of new regulations, and froze federal hiring, although he specified that Medicare won’t be adversely impacted. He named Dorothy Fink, MD, as the acting Health and Human Services secretary, while we await the nomination hearings for Robert F. Kennedy Jr.
In health-related legislative news this week, the Senate Committee on the Budget will hold a hearing for Russell Vought’s nomination to become director of the Office of Management and Budget. The House Committee on Veterans’ Affairs Subcommittee on Health Oversight will hold a hearing on community care for veterans. The House Committee on Rules will also meet on items for potential suspension and may consider an abortion-related bill later in the week.
This is only day two of the Administration, so we know that there will be much more healthcare policy to come.
Today’s Podcast
In this week’s Healthcare Preview podcast, Debbie Curtis and Rodney Whitlock join Maddie News to discuss Day One actions by President Trump, including what to take away from his first executive orders and what is still to come for healthcare.
House Bipartisan Task Force on Artificial Intelligence Report
In February 2024, the House of Representatives launched a bipartisan Task Force on Artificial Intelligence (AI). The group was tasked with studying and providing guidance on ways the United States can continue to lead in AI and fully capitalize on the benefits it offers while mitigating the risks associated with this exciting yet emerging technology. On 17 December 2024, after nearly a year of holding hearings and meeting with industry leaders and experts, the group released the long-awaited Bipartisan House Task Force Report on Artificial Intelligence. This robust report touches on how this technology impacts almost every industry ranging from rural agricultural communities to energy and the financial sector to name just a few. It is clear that the AI policy and regulatory space will continue to evolve while being front and center for both Congress and the new administration as lawmakers, regulators, and businesses continue to grapple with this new exciting technology.
The 274-page report highlights “America’s leadership in its approach to responsible AI innovation while considering guardrails that may be appropriate to safeguard the nation against current and emerging threats.” Specifically, it outlines the Task Force’s key findings and recommendations for Congress to legislate in over a dozen different sectors. The Task Force co-chairs, Representative Jay Obernolte (R-CA) and Representative Ted Lieu (D-CA), called the report a “roadmap for Congress to follow to both safeguard consumers and foster continued US investment and innovation in AI,” and a “starting point to tackle pressing issues involving artificial intelligence.”
There was a high level of bipartisan work on AI in the 118th Congress, and although most of the legislation in this area did not end up becoming law, the working group report provides insight into what legislators may do this year and which industries may be of particular focus. Our team continues to monitor legislation, Congressional hearings, and the latest developments writ large in these industries as we transition into the 119th Congress. See below for a sector-by-sector breakdown of a number of findings and recommendations from the report.
Data Privacy
The report’s section on data privacy discusses advanced AI systems’ need to collect huge amounts of data, the significant risks this creates for the unauthorized use of consumers’ personal data, the current state of US consumer privacy protection laws, and recommendations to address these issues.
It begins with a discussion of AI systems’ need for “large quantities of data from multiple diverse sources” to perform at an optimal level. Companies collect and license this data in a variety of ways, including collecting data from their own users, scraping data from the internet, or some combination of these and other methods. Further, some companies collect, package, and sell scraped data “while others release open-source data sets.” These collection methods raise their own set of issues. For example, according to the report, many websites following “a voluntary standard” state that their websites should not be scraped, but their requests are ignored and litigation ensues. It also notes that some companies “are updating their privacy policies in order to permit the use of user data to train AI models” but not otherwise informing users that their data is being used for this purpose. The European Union and Federal Trade Commission have challenged this practice. It notes that in response, “some companies are turning to privacy-enhanced technologies, which seek to protect the privacy and confidentiality of data when sharing it.” They also are looking at “synthetic data.”
In turn, the report discusses the types of harms that consumers frequently experience when their personal and sensitive data is shared intentionally or unintentionally without their authorization. The list includes physical, economic, emotional, reputational, discrimination, and autonomy harms.
The report follows with a discussion of the current state of US consumer privacy protection laws. It kicks off with a familiar tune: “Currently, there is no comprehensive US federal data privacy and security law.” It notes that there are several sector specific federal privacy laws, such as those intended to protect health and financial data and children’s data, but, as has become clear from this year’s Congressional debate, even these laws need to be updated. It also notes that 19 states have adopted state privacy laws but notes that their standards vary. This suggests that, as in the case of state data breach laws, the result is that they have “created a patchwork of rules and regulations with many drawbacks.” This has caused confusion among consumers and resulted in increased costs and lawsuits for businesses. It concludes with the statement that Federal legislation that preempts state data privacy laws has advantages and disadvantages.” The report outlines three Key Findings: (1) “AI has the potential to exacerbate privacy harms;” (2) “Americans have limited recourse for many privacy harms;” and (3) “Federal privacy laws could potentially augment state laws.”
Based on its findings, the report recommends that Congress should: (1) help “in facilitating access to representative data sets in privacy-enhanced ways” and “support partnerships to improve the design of AI systems” and (2) ensure that US privacy laws are “technology neutral” and “can address the most salient privacy concerns with respect to the training and use of advanced AI systems.”
National Security
The report highlights both the potential benefits of emerging technologies to US defense capabilities, as well as the risks, especially if the United States is outpaced by its adversaries in development. The report discusses the status and successes of current AI programs at the Department of Defense (DOD), the Army, and the Navy. The report categorizes issues facing development of AI in the national security arena into technical and nontechnical impediments. The technical impediments include increased data usage, infrastructure/compute power, attacks on algorithms and models, and talent acquisition, especially when competing with the private sector in the workforce. The report also identifies perceived institutional challenges facing DOD, saying “acquisition professionals, senior leaders, and warfighters often hesitate to adopt new, innovative technologies and their associated risk of failure. DOD must shift this mindset to one more accepting of failure when testing and integrating AI and other innovative technologies.” The nontechnical challenges identified in the report revolved around third-party development of AI and the inability of the United States to control systems it does not create. The report notes that advancements in AI are driven primarily by the private sector and encourages DOD to capitalize on that innovation, including through more timely procurement of AI solutions at scale with nontraditional defense contractors.
Chief among the report’s findings and recommendations is a call to Congress to explore ways that the US national security apparatus can “safely adopt and harness the benefits of AI” and to use its oversight powers to hone in on AI activities for national security. Other findings focus on the need for advanced cloud access, the value of AI in contested environments, and the ability of AI to manage DOD business processes. The additional recommendations were to expand AI training at DOD, continue oversight of autonomous weapons policies, and support international cooperation on AI through the Political Declaration on Responsible Military Use of AI. The report indicates that Congress will be paying much more attention to the development and deployment of AI in the national security arena going forward, and now is the time for impacted stakeholders to engage on this issue.
Education and the Workforce
The report also highlights the role of AI technologies in education and the promise and challenges that it could pose on the workforce. The report recognizes that despite the worldwide demand for science, technology, engineering, and mathematics (STEM) workers, the United States has a significant gap in the talent needed to research, develop, and deploy AI technologies. As a result, the report found that training and educating US learners on AI topics will be critical to continuing US leadership in AI technology. The report notes that training the future generations of talent in AI-related fields needs to start with AI and STEM education. Digital literacy has extended to new literacies, such as media, computer, data, and now AI. Challenges include resources for AI literacy.
US leadership in AI will require growing the pool of trained AI practitioners, including people with skills in researching, developing, and incorporating AI techniques. The report notes that this will likely require expanding workforce pathways beyond the traditional educational routes and a new understanding of the AI workforce, including its demographic makeup, changes in the workforce over time, employment gaps, and the penetration of AI-related jobs across sectors. A critical aspect to understanding the AI workforce will be having good data. US leadership in AI will also require public-private partnerships as a means to bolster the AI workforce. This includes collaborations between educational institutions, government, and industries with market needs and emerging technologies.
While the automation of human jobs is not new, using AI to automate tasks across industries has the potential to displace jobs that involve repetitive or predictable tasks. In this regard, the report notes that while AI may displace some jobs, it will augment existing jobs and create new ones. Such new jobs will inevitably require more advanced skills, such as AI system design, maintenance, and oversight. Other jobs, however, may require less advanced skills. The report adds that harnessing the benefits of AI systems will require a workforce capable of integrating these systems into their daily jobs. It also highlights several existing programs for workforce development, which could be updated to address some of these challenges.
Overall, the report found that AI is increasingly used in the workplace by both employers and employees. US AI leadership would be strengthened by utilizing a more skilled technical workforce. Fostering domestic AI talent and continued US leadership will require significant improvements in basic STEM education and training. AI adoption requires AI literacy and resources for educators.
Based on the above, the report recommends the following:
Invest in K-12 STEM and AI education and broaden participation.
Bolster US AI skills by providing needed AI resources.
Develop a full understanding of the AI workforce in the United States.
Facilitate public-private partnerships to bolster the AI workforce.
Develop regional expertise when supporting government-university-industry partnerships.
Broaden pathways to the AI workforce for all Americans.
Support the standardization of work roles, job categories, tasks, skill sets, and competencies for AI-related jobs.
Evaluate existing workforce development programs.
Promote AI literacy across the United States.
Empower US educators with AI training and resources.
Support National Science Foundation curricula development.
Monitor the interaction of labor laws and worker protections with AI adoption.
Energy Usage and Data Centers
AI has the power to modernize our energy sector, strengthen our economy, and bolster our national security but only if the grid can support it. As the report details, electrical demand is predicted to grow over the next five years as data centers—among other major energy users—continue to come online. These technologies’ outpacing of new power capacity can “cause supply constraints and raise energy prices, creating challenges for electrical grid reliability and affordable electricity.” While data centers only take a few years to construct, new sources of power, such as power plants and transmission infrastructure, can take up to or over a decade to complete. To meet growing electrical demand and support US leadership in AI, the report recommends the following:
Support and increase federal investments in scientific research that enables innovations in AI hardware, algorithmic efficiency, energy technology development, and energy infrastructure.
Strengthen efforts to track and project AI data center power usage.
Create new standards, metrics, and a taxonomy of definitions for communicating relevant energy use and efficiency metrics.
Ensure that AI and the energy grid are a part of broader discussions about grid modernization and security.
Ensure that the costs of new infrastructure are borne primarily by those customers who receive the associated benefits.
Promote broader adoption of AI to enhance energy infrastructure, energy production, and energy efficiency.
Health Care
The report highlights that AI technologies have the potential to improve multiple aspects of health care research, diagnosis, and care delivery. The report provides an overview of use to date and its promise in the health care system, including with regard to drug, medical device, and software development, as well as in diagnostics and biomedical research, clinical decision-making, population health management, and health care administration. The report also highlights the use of AI by payers of health care services both for the coverage of AI-provided services and devices and for the use of AI tools in the health insurance industry.
The report notes that the evolution of AI in health care has raised new policy issues and challenges. This includes issues involving data availability, utility, and quality as the data required to train AI systems must exist, be of high quality, and be able to be transferred and combined. It also involves issues concerning interoperability and transparency. AI-enabled tools must be able to integrate with health care systems, including EHR systems, and they need to be transparent for providers and other users to understand how an AI model makes decisions. Data-related risks also include the potential for bias, which can be found during development or as the system is deployed. Finally, there is the lack of legal and ethical guidance regarding accountability when AI produces incorrect diagnoses or recommendations.
Overall, the report found that AI’s use in health care can potentially reduce administrative burdens and speed up drug development and clinical diagnosis. When used appropriately, these uses of AI could lead to increased efficiency, better patient care, and improved health outcomes. The report also found that the lack of standards for medical data and algorithms impedes system interoperability and data sharing. The report notes that if AI tools cannot easily connect with all relevant medical systems, their adoption and use could be impeded.
Based on the above, the report recommends the following:
Encourage the practices needed to ensure AI in health care is safe, transparent, and effective.
Maintain robust support for health care research related to AI.
Create incentives and guidance to encourage risk management of AI technologies in health care across various deployment conditions to support AI adoption and improve privacy, enhance security, and prevent disparate health outcomes.
Support the development of standards for liability related to AI issues.
Support appropriate payment mechanisms without stifling innovation.
Financial Services
With respect to financial services, the report emphasizes that AI is already and has been used for decades within the financial services system, by both industry and financial regulators alike. Key examples of use cases have included fraud detection, underwriting, debt collection, customer onboarding, real estate, investment research, property management, customer service, and regulatory compliance, among other things. The report also notes that AI presents both significant risks and opportunities to the financial system, so it is critical to be thoughtful when considering and crafting regulatory and legislative frameworks in order to protect consumers and the integrity of the financial system, while also ensuring to not stifle technological innovation. As such, the report states that lawmakers should adopt a principles-based approach that is agnostic to technological advances, rather than a technology-based approach, in order to preserve longevity of the regulatory ecosystem as technology evolves over time, particularly given the rapid rate at which AI technology is advancing. Importantly, the report notes that small financial institutions may be at a significant disadvantage with respect to adoption of AI, given a lack of sufficient resources to leverage AI at scale, and states that regulators and lawmakers must ensure that larger financial institutions are not inadvertently favored in policies so as not to limit the ability of smaller institutions to compete or enter the market. Moreover, the report stresses the need to maintain relevant consumer and investor protections with AI utilization, particularly with respect to data privacy, discrimination, and predatory practices.
A Multi-Branch Approach to AI/Next Steps
The Task Force recognizes that AI policy will not fall strictly under the purview of Congress. Co-chair Obernolte shared that he has met with David Sacks, President Trump’s “AI Czar,” as well as members of the transition team to discuss what is in the report.
We will be closely following how both the administration and Congress act on AI in 2025, and we are confident that no industry will be left untouched.
Vivian K. Bridges, Lauren E. Hamma, Abby Dinegar contributed to this article.