EnforceMintz — Scienter, Causation, and Constitutional Questions: 2024’s Three Key FCA Litigation Issues
In 2024, federal courts issued a number of important decisions in False Claims Act (FCA) cases that are particularly noteworthy for the health care and life sciences industries. We focus here on decisions that further develop the FCA scienter standard addressed in 2023 by the Supreme Court in its important SuperValu decision. We also look at decisions that have accepted the invitation of three Supreme Court justices to reexamine the constitutionality of the FCA’s qui tam provisions. Finally, a circuit split on the interpretation of “causation” for FCA suits based on alleged violations of the Anti-Kickback Statute (AKS) remains unresolved, pending a decision from the First Circuit.
Post-SuperValu Developments Concerning the FCA’s Scienter Standard
An essential element of any FCA claim is “knowledge” that the submission of claims was “false or fraudulent.” By statute, the FCA defines “knowledge” to mean that a person acted with (i) actual knowledge, (ii) deliberate ignorance, or (iii) reckless disregard with respect to the truth or falsity of the information at issue. This is the FCA’s intent or scienter standard. Last year, in SuperValu, the Supreme Court held that the FCA’s “knowledge” element is based on subjective intent and not, as a number of circuits had previously held, on a defendant’s “objectively reasonable” interpretation of an ambiguous legal or regulatory issue.1 We previously discussed the SuperValu case (here and here) and analyzed the decision’s implications in last year’s issue of EnforceMintz.
The Supreme Court explained that the FCA’s scienter requirement could be met by showing (i) “deliberate ignorance,” meaning that a defendant had knowledge of a “substantial risk” that its statements were false but “intentionally avoid[ed]” a relevant legal or regulatory requirement; or (ii) “reckless disregard,” meaning that a defendant understood that there was a “substantial and unjustifiable risk” that its claims were false but submitted the claims anyway. While the Supreme Court did not define how lower courts might determine which risks are “substantial” or “unjustifiable,” these two new glosses on “deliberate ignorance” and “reckless disregard” offer some guidance to providers and companies seeking to avoid exposure to FCA liability through well-designed compliance programs.
SuperValu may have been initially understood as a clear-cut victory for the United States and private whistleblowers who bring actions under the qui tam provisions of the FCA. Generally speaking, in litigation, a defendant’s subjective knowledge is often a question of fact, which makes it difficult for defendants to win a motion to dismiss on the basis of whether a complaint adequately alleges knowledge. But as decisions from the past year demonstrate, that is not the full story, for two reasons.
First, even after SuperValu, courts have been willing to grant motions to dismiss on scienter grounds. For example, in August 2024, a federal district court granted a pharmaceutical manufacturer’s motion to dismiss an FCA complaint for failure to adequately allege scienter.2 In US ex rel. Sheldon v. Forest Laboratories, LLC, the relator alleged that Forest Laboratories overcharged the government in violation of the FCA because it did not include certain price concessions in calculating “best price,” as that term was defined by statute. The court found the “best price” definition “no more informative than the hypothetical instruction in [SuperValu] to drive at a ‘reasonable’ speed.”3 As such, the court found that the defendant’s alleged familiarity with such vague instructions did not provide a basis to attribute a culpable mental state to the drug manufacturer.
Second, in June 2024, the Supreme Court decided Loper Bright Enterprises v. Raimondo, ending the era of “Chevron deference” in which courts deferred to an agency’s interpretation of an ambiguous statute.4 This decision may lend support to FCA defendants in cases where the conduct at issue allegedly violated an ambiguous statutory or regulatory requirement. Often in FCA cases, the United States or a private relator attempts to establish scienter by showing an FCA defendant’s knowledge of statutory or regulatory requirements or agency guidance. After Loper Bright, a provider or company facing ambiguous or complex statutory or regulatory requirements can now demonstrate that it subjectively believed it was not taking “substantial and unjustifiable risk” that its claims were false based on the controlling statutory text, without undue deference to an agency’s interpretation. For example, analyzing Stark Law compliance often requires a review of layers of exceptions to complex statutory or regulatory prohibitions. Loper Bright may help provide a defense as to both scienter and falsity where theories of liability are premised on noncompliance with a web of statutory requirements, regulations, and complex agency guidance.
As we previously discussed (here), these case law developments highlight three implications for health care and life sciences companies seeking to minimize FCA exposure or to defend against an FCA investigation or litigation:
Providers and companies should seek to minimize potential FCA exposure by documenting interpretations of ambiguous legal requirements or regulations based on all available advice, communications with agencies or payors, and any other information when making business decisions that involve claims to federal programs or federal funds.
In the event of an FCA investigation, strong compliance functions and a clear record showing the entity’s lack of a subjective belief that it was submitting false or fraudulent claims, or taking an unjustified risk of doing so, may help persuade the government to decline to intervene in an FCA lawsuit.
As Sheldon demonstrates, once in litigation, a scienter-based motion to dismiss argument as well as summary judgment opportunities may still be available, despite SuperValu’s subjective intent holding.
While scienter issues often raise disputed factual questions, that is not always the case, as demonstrated by developments in FCA case law since SuperValu.
Successful Constitutional Challenges in FCA Cases Under Article II and the Eighth Amendment
For the first time in two decades, the issue of the constitutionality of the FCA’s qui tam provisions is squarely before the federal courts. In 2024, defendants raised successful constitutional challenges in cases involving large FCA penalties. Given these results, constitutional questions will likely remain a hot-button issue in 2025, particularly in cases where the government declines to intervene.
Zafirov and the Constitutionality of the FCA’s Qui Tam Provisions
In September 2024, a federal district court held in US ex rel. Zafirov v. Fla. Med. Assocs., LLC that the FCA’s qui tam provisions violate the Appointments Clause of Article II of the Constitution.5
Public officials who exercise “significant authority” under federal law and “occupy a continuing position established by law” are “Officers” who must be appointed consistent with the requirements of Article II, Section 2. In considering whether FCA relators are “Officers”, the court observed that “[a]n FCA relator’s authority markedly deviates from the constitutional norm.” The court explained that the qui tam provisions permit anyone “wherever situated, however motivated, and however financed” to perform a “traditional, exclusive [state] function by appointing themselves as the federal government’s avatar in litigation.”6 The court thus concluded that arrangement violates the Appointments Clause because it permits unaccountable, unsworn private actors to exercise core executive power with substantial consequences for the public. Finding the relator in Zafirov was unconstitutionally appointed, the court granted the defendants’ motion for judgment on the pleadings and dismissed the case with prejudice.
In our prior discussion (here), we explained how Zafirov followed from Justice Thomas’s dissent in US ex rel. Polansky v. Executive Health Resources, which noted the “substantial arguments” that the FCA’s qui tam provisions may be “inconsistent with Article II.” Two other justices agreed with Justice Thomas’s suggestion that the Court should consider the constitutional question in an appropriate case.
The United States and the relator appealed the Zafirov decision to the Eleventh Circuit. As of the date of this publication, briefing is in progress. The government made four particularly noteworthy arguments in its opening brief. First, the government argued that qui tam relators pursue “private interests” assigned by the FCA but do not exercise executive power. Second, the government argued that the qui tam provisions are not subject to the Appointments Clause because relators are not a part of the federal government. Third, even if the Appointments Clause applies, the government argued that relators (i) do not exercise “significant authority” because they are not part of the government workforce and the government retains supervisory authority over declined FCA cases; and (ii) do not “occupy a continuing position established by law” because the role of a qui tam relator is time-limited, case-specific, and involves interests that are personal in nature. Finally, the government argued that, even if the district court’s ruling in Zafirov is affirmed, the decision should be limited only to declined cases and should not extend to matters where the government has intervened or is considering whether to intervene. The defendants’ brief will be filed in the first quarter of 2025 and a decision is expected by the end of 2025.
If Zafirov is affirmed, that would create a circuit split on the constitutionality of the qui tam provisions, which would greatly increase the odds of Supreme Court review. In cases decided between 1993 and 2002, the Second, Fifth, Sixth, Ninth, and Tenth Circuits rejected Article II constitutional challenges to the FCA’s qui tam provisions, so Zafirov’s impact may be limited in those jurisdictions. But in circuits where the issue has not been decided, and to preserve the argument in circuits that previously rejected Article II challenges, defendants are raising the constitutional arguments via motions to dismiss, motions for judgment on the pleadings, and in affirmative or general defenses.
For example, in one recent declined FCA lawsuit pending in a federal district court within the Eleventh Circuit, a defendant Medicare Advantage Organization moved to dismiss, leading its brief with the argument that such relator-driven qui tam suits violate Article II of the Constitution.7 Defendants have made similar arguments in other jurisdictions as well.8
The success of these arguments remains to be seen. FCA defendants raising the constitutional argument should be aware of the notice requirements of Federal Rule of Civil Procedure 5.1, which requires that a party filing a pleading or motion drawing into question the constitutionality of a federal statute promptly file a “notice of constitutional question” with the court and serve that notice on Attorney General of the United States.
In response to FCA defendants’ emerging reliance on Zafirov, the United States has not hesitated to step in to defend the constitutionality of the FCA’s qui tam provisions in previously declined cases. For example, in US ex rel. Gill v. CVS Health Corp., DOJ initially declined to intervene in an FCA lawsuit involving over $200 million in alleged damages from overpayments and over-billing federal programs and commercial payors.9 After Zafirov was decided, the CVS defendants filed a Rule 5.1 notice of constitutional challenge, arguing that the FCA qui tam provisions violated separation of powers principles and Article II of the US Constitution. The CVS defendants also asserted those defenses in their answer to the complaint. The CVS defendants’ Rule 5.1 notice prompted the government to reverse course and intervene “for the limited purpose of defending the constitutionality of the qui tam provisions” of the FCA.
These Article II challenges to the qui tam provisions could significantly impact FCA cases, especially qui tam litigation where the United States previously declined to intervene. We will continue to monitor this issue as it develops in 2025.
Eighth Amendment Challenges to Excessive FCA Penalties
In July, the Eighth Circuit vacated a roughly $6.5 million FCA award, holding that the amount violated the Eighth Amendment’s Excessive Fines Clause.10 In Grant ex rel. US v. Zorn, a medical practitioner filed a qui tam action against the co-owner of a sleep disorders center, alleging that the defendant overbilled federal and state programs for patient visits and engaged in a kickback scheme. After trial, the district court determined that the 1,050 false claims the defendant had submitted to the government resulted in roughly $86,000 in actual damages, which was then trebled to about $259,000. Then, the court imposed a per-claim civil penalty, which added almost $7.7 million to the total award.
Citing the Eighth Amendment’s Excessive Fines Clause and the Supreme Court’s prior invalidation of punitive damages awards that far outpace actual damages, the district court reduced the penalties to $6.47 million. The district court thus endorsed a ratio in which the penalty amounts were 25 times greater than actual damages.
On appeal, however, the Eighth Circuit in Grant vacated the punitive damages award, holding that the application of both treble damages and per-claim civil penalties violated the Eighth Amendment’s Excessive Fine Clause. The court reasoned that the punitive sanction was “grossly disproportional” to the conduct at issue and that the Eight Circuit had previously rejected double-digit multipliers where there was a small economic loss and no evidence of danger to health and safety.
The Grant decision bolsters defendants’ arguments for lower penalty awards in FCA cases where the penalties imposed far exceed actual damages. These arguments are more likely to succeed in cases where the only harm alleged is purely economic.
The Unresolved Circuit Split on the Causation Standard for AKS-Based FCA Claims
As we discussed in last year’s edition of EnforceMintz, a significant circuit split is developing on the causation standard applicable to FCA claims based on violations of the AKS. Specifically, section (g) of the AKS states that “a claim that includes items or services resulting from a violation of [the AKS] constitutes a false or fraudulent claim for purposes of [the FCA].”11 The issue in this circuit split is whether the submission of a claim to the government “result[s] from” a kickback only if it would not have been submitted “but for” the kickback.
In July 2024, the First Circuit heard oral argument on the FCA-AKS causation issue in United States v. Regeneron Pharmaceuticals, Inc.12 As of the date of publication of this article, the First Circuit’s decision is pending.
In Regeneron, the government appealed the district court’s holding that a standard of “but for” causation applied to FCA lawsuits premised on AKS violations. The district court’s holding was consistent with recent decisions from the Sixth and Eighth Circuits (which we previously discussed here) applying the plain language of section (g) of the AKS to require a showing of “but for” causation. On appeal, the government argued that a broader proximate cause standard applies, requiring only “some sort of causal connection.” That view, which has been endorsed by the Third Circuit, is based on the legislative history of the 2010 amendment that added the “resulting from” language in section (g) of the AKS.
At oral argument in Regeneron, Judge Kayatta challenged the government’s expansive view of the causation standard based on legislative intent. Judge Kayatta asked whether causation would be met in a situation where a hospital sent a vendor 10,000 claims in one year, then received a kickback, and then sent fewer claims in the following year. In response, the government argued that each and every claim in year two would be tainted by a kickback, even though the volume of claims decreased post-kickback. Perhaps tellingly, Judge Kayatta found that to be an “odd” outcome.
However the First Circuit rules, the circuit split will deepen, thereby increasing the likelihood that the causation standard question will rise to the Supreme Court. In the meantime, health care and life science entities facing FCA scrutiny based on AKS theories should closely monitor this emerging area. The applicable causation standard can have major implications on FCA exposure and potential damages.
ENDNOTES
[1] US ex rel. Schutte v. SuperValu Inc., 143 S. Ct. 1391, 1399 (2023).
[2] US ex rel. Sheldon v. Forest Laboratories, LLC, No. 1:14-cv-02535, 2024 US Dist. LEXIS 129331, at *79-80 (D. Md. July 23, 2024), appeal filed, No. 24-1793 (4th Cir. Aug. 21, 2024).
[3] Id. at 63.
[4] Loper Bright Enters. v. Raimondo, 603 US ___, 144 S. Ct. 2244 (2024).
[5] US ex rel. Zafirov v. Fla. Med. Assocs., LLC, C.A., No. 8:19-cv-01236-KKM, 2024 US Dist. LEXIS 176626 (M.D. Fla. Sept. 30, 2024).
[6] Id. at *58-59 (internal quotations omitted).
[7] See Gonite v. UnitedHealthCare of Ga., Inc., et al., No. 19-246 (M.D. Ga. Oct. 11, 2024), ECF 69.
[8] See, e.g., US ex rel. Kenly Emergency Med. Corp. v. SCP Health, No. 3:20-cv-3274 (N.D. Cal. Dec. 13, 2024), ECF 74; Omni HealthCare Inc., et al v. North Brevard Cty. Hosp. Dist., et al., No. 6:22-cv-00696 (M.D. Fla. Nov. 28, 2024), ECF 87; US ex rel. Sullivan, et al. v. Murphy Med. Ctr., Inc., et al., No. 1:21-cv-219-MR (W.D.N.C. Oct. 25, 2024), ECF 85; US ex rel. Eckert v. Sci Tech. Inc and Sanmina Corp., No. 20-cv-1443 (D.D.C. Oct. 7, 2024), ECF 34-1.
[9] US ex rel. Gill v. CVS Health Corp., et al., No. 1:18-cv-06494 (N.D. Ill. Feb. 25, 2022), ECF 31.
[10] Grant ex rel. US v. Zorn, 107 F.4th 782 (8th Cir. 2024).
[11] 42 USC § 1320a-7b(g) (emphasis added).
[12] United States v. Regeneron Pharms., Inc., No. 23-2086 (1st Cir. filed Dec. 22, 2023).
Ceramtec GMBH v. Coorstek Biocermanics LLC
This case examines the application of trademark functionality doctrine in the medical device industry, specifically addressing whether the pink color of ceramic hip components can be protected as a trademark. The case provides important guidance on how courts evaluate functionality claims and the intersection between patent and trademark protection for product features.
Background
Ceramtec manufactures artificial hip components using zirconia-toughened alumina (“ZTA”) ceramic material containing chromium oxide (chromia). The chromia gives their products, marketed under the name “Biolox Delta,” a distinctive pink color. Prior to seeking trademark protection, Ceramtec held U.S. Patent 5,830,816 covering their ceramic composition, which expired in January 2013.
In January 2012, Ceramtec applied for two trademarks claiming protection for the color pink used in ceramic hip components. The marks were registered on the Supplemental Register in April 2013, covering both a “hip joint ball” and an “acetabular shell or fossa.”
Coorstek, a competitor in the medical implant market, manufactures two different ZTA ceramic materials: CeraSurf-p, which contains chromia and is pink, and CeraSurf-w, which does not contain chromia and is white. On March 3, 2014, Coorstek filed both a lawsuit in the District of Colorado and a cancellation petition with the Trademark Trial and Appeal Board (TTAB), arguing that the pink color was functional and therefore ineligible for trademark protection.
The TTAB ruled in favor of Coorstek, finding that the pink color was functional and cancelling Ceramtec’s trademark registrations. The Board based its decision on evidence from Ceramtec’s expired patent and their technical publications showing that chromia provided material benefits to the ceramic components. Ceramtec appealed this decision to the Federal Circuit, challenging both the Board’s functionality finding and its handling of the unclean hands defense.
Issue(s)
Whether the pink color of Ceramtec’s ceramic hip components is functional and thus ineligible for trademark protection.
Holding
The Federal Circuit affirmed the TTAB’s decision canceling Ceramtec’s trademarks, finding that the pink color was functional and therefore not eligible for trademark protection.
Reasoning
The Federal Circuit’s analysis centered on the Morton-Norwich factors, a four-part test established in In re Morton-Norwich Products, Inc. that courts use to determine whether a product feature is functional. These factors examine: (1) the existence of a utility patent disclosing the utilitarian advantages of the design; (2) advertising materials in which the originator of the design touts its utilitarian advantages; (3) the availability to competitors of functionally equivalent designs; and (4) facts indicating the design results in a comparatively simple or cheap method of manufacturing.
Applying these factors to Ceramtec’s case:
The court found that Ceramtec’s expired patent disclosing the use of chromia in ZTA ceramics provided strong evidence that the pink color was functional, as it resulted from a feature that provided material benefits.
The court considered Ceramtec’s advertising materials and public communications, which disclosed that chromia provides material benefits to the ZTA ceramics, further supporting functionality.
Regarding the availability to competitors, the court found no evidence that alternative designs would work as well, making this factor neutral in the analysis.
The court determined that evidence about manufacturing costs and methods was inconclusive and treated this factor as neutral.
Particularly significant was the relationship between Ceramtec’s expired patent and their trademark claims. The court emphasized that features previously protected by a patent cannot later be protected through trademark law if they are functional, as this would effectively extend patent protection indefinitely.
The court also rejected Ceramtec’s argument that the Board improperly applied the “unclean hands” doctrine, finding that the Board properly considered the public interest in removing registrations for functional marks from the trademark register.
Through this decision, the Federal Circuit reinforced the principle that functional product features, even if they create a distinctive appearance, cannot be protected as trademarks when they serve a utilitarian purpose essential to the product’s use or manufacture.
Listen to this post
DEA Tightens Buprenorphine Telemedicine Prescribing Rules
The Drug Enforcement Administration (DEA) and the U.S. Department of Health & Human Services (HHS) just finalized their March 2023 proposed rule regarding telemedicine prescribing of buprenorphine. The final rule, effective February 17, 2025, allows DEA‑registered practitioners to prescribe Schedule III-V controlled substances, i.e., buprenorphine, to treat opioid use disorder (OUD) through audio-video visits and through audio-only visits in specific circumstances after certain requirements are met. Although these practices are currently allowed under the COVID-era telemedicine prescribing flexibilities through the end of the 2025, the final rule introduces additional requirements for these prescriptions.
Requirements of the Final Rule
PDMP Check
Before prescribing a Schedule III-V controlled substance approved by the U.S. Food & Drug Administration (FDA) to treat OUD via telemedicine (currently limited to buprenorphine), DEA-registered practitioners must review the prescription drug monitoring program (PDMP) database of the state in which the patient is located at the time of the encounter.
Scope of Review: Practitioners must check PDMP data for any controlled substances issued to the patient within the past year. If less than a year of data is available, practitioners must review the entire available period.
Initial Prescription:
After reviewing the PDMP data and documenting the review, practitioners may issue an initial six-month supply of buprenorphine, which may be divided across several prescriptions, totaling six calendar months.
If the PDMP data is not available but the attempt to access it is documented, practitioners may prescribe only a seven-day supply of buprenorphine. Practitioners must continue to check the PDMP database to issue subsequent prescriptions. If, after checking, the PDMP remains unavailable and access attempts are documented, practitioners may prescribe subsequent seven-day supplies, up to the six-month limit.
Follow-Up Prescriptions
After the initial six-month supply, practitioners may issue additional prescriptions if they either:
Conduct an in-person medical exam; or
Meet one of the seven narrow exceptions under the Ryan Haight Act (discussed below) for telemedicine practitioners.
Once an in-person medical exam has been conducted, the practitioner and patient are no longer considered to be engaged in the practice of telemedicine, and the obligations outlined in the final rule will no longer apply.
Pharmacist Verification
Before dispensing these prescriptions, pharmacists must verify the identity of the patient using one of the following:
A state government-issued ID;
A federal government-issued ID; or
Other acceptable documentation, such as a paycheck, bank or credit card statement, utility bill, tax bill, or voter registration card.
A Brief History
The rules stem from the Ryan Haight Act, which amended the Controlled Substances Act to restrict practitioners from prescribing controlled substances unless the practitioner conducts an in-person examination of the patient. The Ryan Haight Act (at 21 U.S.C. § 802(54)) outlines seven exceptions under which practitioners may prescribe controlled substances via telemedicine without an in-person exam. The fifth exception involves practitioners who have obtained the long-awaited special registration. (Stay tuned for our discussion on the DEA’s proposed rule establishing a special registration.) The seventh exception involves other circumstances specified by regulation.
During the COVID-19 Public Health Emergency (PHE), the DEA issued letters on March 25, 2020, and March 31, 2020, granting temporary exceptions to the Ryan Haight Act and its implementing rules that enabled DEA-registered practitioners to prescribe controlled substances without an in-person exam and with a DEA registration in only one state. These telemedicine flexibilities enabled practitioners to prescribe Schedule II-V controlled substances through audio-video visits and audio-only visits. Audio-only visits are permitted if the practitioner has the capability to use audio-video, but the patient is either unable to use video or does not consent to it.
In March 2023, in anticipation of the PHE ending, the DEA issued a proposed rule regarding the expansion of telemedicine prescribing of buprenorphine, which received significant criticism from stakeholders. In response, the DEA quickly rescinded the proposed rule and extended the COVID-era flexibilities in May 2023. The flexibilities were subsequently extended in October 2023 and November 2024 and are now set to expire on December 31, 2025. (For more details, see our previous discussions on the DEA’s proposed rules for telemedicine prescribing of controlled substances and the first, second, and third temporary rules extending COVID-era flexibilities.) Now, in an effort to not lose ground on the expansion of telemedicine prescribing of buprenorphine, especially if the telemedicine flexibilities expire with the incoming Trump administration, the DEA and HHS have revised and finalized their proposed buprenorphine rule.
Comparing the Proposed and Final Rules
The final rule introduces several changes to the proposed rule, some of which are described below:
Supply Limitation: The initial 30-day prescription supply limitation via audio-only was increased to a six-month supply.
In-Person Medical Evaluation: The requirement to have an in-person medical evaluation, with three options for conducting it, to prescribe more than the initial supply of buprenorphine was removed.
Recordkeeping: The detailed recordkeeping requirements for each prescription a practitioner issues through a telemedicine encounter, such as whether the encounter was conducted via audio-video or audio-only, were removed.
PDMP Review: Although reviewing the PDMP database of the state in which the patient is located at the time of the encounter is still required, the specifications and recordkeeping requirements for the review were changed.
The DEA and HHS state that these changes are likely to address and alleviate many of the concerns raised by commentors, acknowledging that some of the previously proposed requirements would have placed undue burdens on both patients and practitioners.
Conclusion
We anticipate that many stakeholders will be dissatisfied with the final rule, particularly with the six-month duration for an initial supply, which may still be too short, and the nationwide PDMP check requirement, which is overly burdensome given the absence of a nationwide PDMP database — a burden the DEA continues to underestimate.
If the COVID-era telemedicine prescribing flexibilities expire without further extension, the final rule offers protection for prescribing buprenorphine to treat OUD. However, that protection is contingent on establishing a legitimate special registration process, which the DEA has yet to propose or implement. Given the uncertainty surrounding the incoming Trump administration’s priorities and its views on telemedicine prescribing of controlled substances, it is unclear whether the final rule will be withdrawn or left as-is. There is also uncertainty about whether the telemedicine prescribing flexibilities will expire after 2025.
Tickled Pink No More
Federal Circuit Affirms Cancellation of CeramTec’s Trademarks for Pink Ceramic Hip Implants
January 16, 2025
Color trademarks have traditionally been difficult to obtain. Of the over 4 million trademark registrations, there were less than 1000 color trademarks as of 2019.[1] To be eligible for trademark registration, a color must have acquired distinctiveness and must not be functional. Recently, the Federal Circuit examined the functional component of the analysis and explained why it presents such a hurdle to registration—particularly when a party also obtains patent protection.
On January 3, 2025, the U.S. Court of Appeals for the Federal Circuit upheld the Trademark Trial and Appeal Board (TTAB) decision canceling trademarks claiming protection for the pink color of ceramic hip components.
CeramTec, a manufacturer of ceramic components for artificial hip implants, developed zirconia toughened alumina (ZTA) containing chromia, which imparts pink color and increased hardness. This material was protected under CeramTec’s U.S. Patent No. 5,830,816, which expired in January 2013. In 2012, CeramTec sought trademark protection for the pink color of its ceramic components. CoorsTek, a competitor, successfully petitioned the TTAB to cancel the trademarks, arguing that the pink color was functional.
On appeal, the Federal Circuit affirmed the TTAB decision, emphasizing that trademarks are not registrable or enforceable if the design is functional. The court analyzed the TTAB’s application of the Morton–Norwich factors to determine functionality:
the existence of a utility patent disclosing the utilitarian advantages of the design;
advertising materials in which the originator of the design touts the design’s utilitarian advantages;
the availability to competitors of functionally equivalent designs; and
facts indicating that the design results in a comparatively simple or cheap method of manufacturing the product.
CeramTec GmbH v. Coorstek Bioceramics LLC, No. 2023-1502, 2025 WL 29252 (Fed. Cir. Jan. 3, 2025).
The court also considered TrafFix Devices, Inc. v. Mktg. Displays, Inc., 532 U.S. 23 (2001), which establishes that utility patents are strong evidence of functionality. The Federal Circuit noted that the functionality doctrine ensures the public is free to use innovations after a patent expires.
Based on these findings, the court affirmed that CeramTec’s pink trademarks are functional and therefore ineligible for protection.
If you have any questions about the impact of these changes, please contact your Miller Canfield attorney or the authors of this alert.
[1] Wang, Xiaoren, Should We Worry about Color Depletion? An Empirical Study of USPTO Single-color Trademark Registrations (January 18, 2022). Available at SSRN: https://ssrn.com/abstract=4011677 or http://dx.doi.org/10.2139/ssrn.4011677
California Attorney General Issues Two Advisories Summarizing Law Applicable to AI
If you are looking for a high-level summary of California laws regulating artificial intelligence (AI), check out the two legal advisories issued by California Attorney General Rob Bonta. The first advisory is directed at consumers and entities about their rights and obligations under the state’s consumer protection, civil rights, competition, and data privacy laws. The second advisory focuses on healthcare entities.
“AI might be changing, innovating, and evolving quickly, but the fifth largest economy in the world is not the wild west; existing California laws apply to both the development and use of AI.” Attorney General Bonta
The advisories summarize existing California laws that may apply to entities who develop, sell, or use AI. They also address several new California AI laws that went into effect on January 1, 2025.
The first advisory points to several existing laws, such as California’s Unfair Competition Law and Civil Rights Laws, designed to protect consumers from unfair and fraudulent business practices, anticompetitive harm, discrimination and bias, and abuse of their data.
California’s Unfair Competition Law, for example, protects the state’s residents against unlawful, unfair, or fraudulent business acts or practices. The advisory notes that “AI provides new tools for businesses and consumers alike, and also creates new opportunity to deceive Californians.” Under a similar federal law, the Federal Trade Commission (FTC) recently ordered an online marketer to pay $1 million resulting from allegations concerning deceptive claims that the company’s AI product could make websites compliant with accessibility guidelines. Considering the explosive growth of AI products and services, organizations should be revisiting their procurement and vendor assessment practices to be sure they are appropriately vetting vendors of AI systems.
Additionally, the California Fair Employment and Housing Act (FEHA) protects Californians from harassment or discrimination in employment or housing based on a number of protected characteristics, including sex, race, disability, age, criminal history, and veteran or military status. These FEHA protections extend to uses of AI systems when developed for and used in the workplace. Expect new regulations soon as the California Civil Rights Counsel continues to mull proposed AI regulations under the FEHA.
Recognizing that “data is the bedrock underlying the massive growth in AI,” the advisory points to the state’s constitutional right to privacy, applicable to both government and private entities, as well as to the California Consumer Privacy Act (CCPA). Of course, California has several other privacy laws that may need to be considered when developing and deploying AI systems – the California Invasion of Privacy Act (CIPA), the Student Online Personal Information Protection Act (SOPIPA), and the Confidentiality of Medical Information Act (CMIA).
Beyond these existing laws, the advisory also summarizes new laws in California directed at AI, including:
Disclosure Requirements for Businesses
Unauthorized Use of Likeness
Use of AI in Election and Campaign Materials
Prohibition and Reporting of Exploitative Uses of AI
The second advisory recounts many of the same risks and concerns about AI as relevant to the healthcare sector. Consumer protection, anti-discrimination, patient privacy and other concerns all are challenges entities in the healthcare sector face when developing or deploying AI. The advisory provides examples of applications of AI systems in healthcare that may be unlawful, here are a couple:
Denying health insurance claims using AI or other automated decisionmaking systems in a manner that overrides doctors’ views about necessary treatment.
Use generative AI or other automated decisionmaking tools to draft patient notes, communications, or medical orders that include erroneous or misleading information, including information based on stereotypes relating to race or other protected classifications.
The advisory also addresses data privacy, reminding readers that the state’s CMIA may be more protective in some respects than the popular federal healthcare privacy law, HIPAA. It also discusses recent changes to the CMIA that require providers and electronic health records (EHR) and digital health companies enable patients to keep their reproductive and sexual health information confidential and separate from the rest of their medical records. These and other requirements need to be taken into account when incorporating AI into EHRs and related applications.
In both advisories, the Attorney General makes clear that in addition to the laws referenced above, other California laws—including tort, public nuisance, environmental and business regulation, and criminal law—apply to AI. In short:
Conduct that is illegal if engaged in without the involvement of AI is equally unlawful if AI is involved, and the fact that AI is involved is not a defense to liability under any law.
Both advisories provide a helpful summary of laws potentially applicable to AI systems, and can be useful resources when building policies and procedures around the development and/or deployment of AI systems.
Whistleblower Awarded $1.8 Million for Reporting Hospital Admissions Kickback Scheme
Healthcare professionals play a critical role in ensuring the integrity of the industry. However, unlawful kickbacks and fraudulent claims, if left unreported, undermine the quality of patient care and solvency of government-funded healthcare programs. A recent case involving Oroville Hospital highlights not just the consequences of violating regulations such as the False Claims Act and Anti-Kickback Statute but also the importance of whistleblowers in combatting such schemes.
Oroville Hospital Settlement Details
Oroville Hospital has agreed to pay $10.25 million to resolve allegations of participating in an illegal kickback and self-referral scheme. The settlement is divided, with $9,518,954 going to the federal government and $731,046 to the State of California.
The allegations claim that Oroville Hospital:
Paid Illegal Kickbacks to Physicians – Oroville Hospital allegedly incentivized physicians responsible for inpatient admissions by offering bonuses tied to how many patients they admitted. This practice incentivized unnecessary hospital stays, jeopardizing patient welfare and inflating healthcare costs.
Falsely Billed Medicare and Medi-Cal – The hospital allegedly admitted patients who did not need inpatient care. Furthermore, they also allegedly added false diagnosis codes such as systemic inflammatory response syndrome (SIRS) to claims, inflating reimbursements from Medicare and Medicaid (Medi-Cal in California).
The Vital Role of Whistleblowers in Healthcare Compliance
The Oroville Hospital case underscores the critical importance of whistleblowers in protecting healthcare systems from unlawful practices. The allegations in this case were originally brought forward by a private individual under the qui tam provisions of the False Claims Act.
Under the qui tam provision, whistleblowers can file lawsuits on behalf of the government and potentially receive a portion of any monetary recovery resulting from the case. The whistleblower received approximately $1.8 million or about 17% of the settlement for her role in exposing these unlawful activities.
Why Whistleblowers Are Essential
Whistleblowers are often employees or professionals working within the healthcare system who become aware of illegal or unethical practices. Here is why their role is indispensable:
1. Preventing Patient HarmUnethical behavior, such as unnecessary hospitalizations or improper medical diagnoses, can seriously harm patients. Whistleblowers bring attention to these issues and ensure medical practices prioritize patient health over profit.
2. Protecting Government ResourcesFraudulent claims and improper billing practices drain billions of dollars each year from federal programs such as Medicare, Medicaid, TRICARE, and FEHB. Whistleblowers help uncover these schemes, ensuring that taxpayer funds are used effectively and healthcare remains affordable.
3. Encouraging Transparency and AccountabilityBy exposing unlawful actions, whistleblowers hold organizations accountable and encourage others in the industry to comply with regulations such as the Anti-Kickback Statute and the False Claims Act.
4. Facilitating Internal ImprovementsWhen courts order companies to implement Corporate Integrity Agreements or similar oversight measures as a result of whistleblower actions, healthcare organizations are compelled to implement stronger compliance frameworks, reducing the risk of future violations.
New York City Publishes Updated FAQs for Earned Safe and Sick Time Act
On September 26, 2024, New York City published updated frequently asked questions (FAQs) for the New York City Earned Safe and Sick Time Act (ESSTA) in light of the New York City Department of Consumer and Worker Protection’s (DCWP) adoption of the October 2023 amended rules and the January 2024 law creating a private right of action for ESSTA violations.
While the FAQs provide some clarification and guidance regarding the amended rules and processes and procedures in pursuing a private right of action, they also leave some questions unanswered. In addition, the FAQs provide guidance on topics that were not included in the amended rules, including outlining possible additional uses of safe and sick leave that were not explicitly contemplated.
Quick Hits
On September 26, 2024, New York City released updated FAQs for the Earned Safe and Sick Time Act (ESSTA) to address the October 2023 amended rules and the January 2024 law allowing private rights of action for ESSTA violations.
The updated FAQs clarify and provide guidance regarding the amended rules, processes, and procedures in pursuing a private right of action, while also leaving some questions unanswered.
The updated FAQs provide guidance on additional topics regarding written safe and sick leave policies and additional uses of leave for weather-related health conditions and funerals.
Telecommuting and Remote Employees
With the advent of remote work and telecommuting, the amended rules clarify that an employee who is based outside of New York City is eligible to use safe and sick leave if the employee is “expected to regularly perform work in New York City during a calendar year” but only hours worked by such an employee in New York City will count toward the accrual of safe and sick leave. Additionally, the employee can only use accrued safe and sick leave while performing work in New York City.
While the amended rules provide some examples of how this will apply, the FAQs leave unanswered what “regularly perform work” means for purposes of determining eligibility.
Written Safe and Sick Leave Policies
For employers that have general paid time off policies, the FAQs clarify that employers must maintain written safe and sick leave policies in a single writing. Policies are not in a single writing “if they are split up across multiple documents or locations. An employer may supplement a national policy with an NYC-specific policy, provided that the national and local policies are not confusing or contradictory.”
Despite this guidance, the FAQs do not expound on the meaning of “confusing or contradictory.”
DCWP Investigations and Private Right of Action
As employees can now file a civil action in court and file a complaint with the DCWP, the FAQs provide guidance regarding those processes and procedures. As an initial matter, the FAQs clarify that there are no prerequisites to filing a lawsuit in court for ESSTA violations, and are not required to file a complaint with the DCWP first. Should an employee decide to file complaints in court and with the DCWP for the same alleged violations, the DCWP will stay its investigation until it is notified that “such a civil action has been withdrawn or dismissed without prejudice.” After a final judgment or settlement, the DCWP will then dismiss the complaint unless it “determines the complaint alleges a violation not resolved by such judgment or settlement.”
Additional Uses: Health Conditions Related to Weather Events and Funerals
The FAQs provide that employees may be able to use safe and sick leave for weather-related events, when, for example, weather-related conditions impact the health of employees or their family members such as extreme heat or poor air quality or if exposure to certain weather would pose a risk to the employee or family member due to an underlying medical condition.
In addition, the FAQs state that an employee may use safe and sick leave to attend a funeral if an employee is experiencing anxiety or depression or if a family member needs care for a mental or physical health condition.
Exhausting Available Safe and Sick Leave
Under the ESSTA, generally, it is the employee who decides whether to use safe and sick leave and how much accrued safe and sick leave to use. In reaffirming this rule, the FAQs provide that employers are “prohibited from deducting from an employee’s leave bank when the employee does not wish to use safe and sick leave to cover an absence.” Notwithstanding, the FAQs clarify that the ESSTA “does not require an employer to provide unpaid time off when an employee does not wish to use safe and sick leave to cover an absence and is not eligible for other paid leave.” However, the FAQs note that other laws may require an employer to grant unpaid time off.
Pay Statement Requirements and Unlimited Paid Time Off
The ESSTA requires employers to inform employees on their paystubs of the amount of safe and sick leave used during the pay period and the balance of accrued time remaining.
For those employers that offer unlimited safe and sick leave or unlimited paid time off, the FAQs state that “in very limited circumstances,” an employer will not be required to provide documentation showing accrual, use, and balance information each pay period. Whether this exception applies will depend on “the nature of the employer’s written safe and sick leave policy, including whether any restrictions apply, and whether in practice leave is truly unlimited.”
Even if an exception applies, the FAQs clarify that employers must still keep records showing compliance with the ESSTA.
Next Steps
Employers based in or with remote employees in New York City may wish to review their current policies and make any necessary revisions based on the updated FAQs. Employers may also want to review with and train supervisors and human resources professionals to ensure compliance and update existing practices to align with the above updates to minimize the potential for enforcement actions by the DCWP or for lawsuits by employees.
New Year, New Leave Laws – Understanding State Leave Law Updates Effective January 1, 2025
When did you last look at your employee leave policies? As the calendar turns to a new year, new changes often arrive, and 2025 is no exception. Employers should take note of the recent updates to state leave laws that went into effect on January 1, 2025.
Here are some states have implemented new or expanded leave laws as of January 1, 2025:
Connecticut
Employers with 25 or more employees working in the state of Connecticut must provide paid sick leave to all employees. Employees can accrue one hour of paid sick leave for every 30 hours worked, up to a maximum of 40 hours per year. Employers now have the option to frontload the paid sick leave at the beginning of each year, rather than being required to carry over unused leave to the next year. This leave can be used for the diagnosis, care, or treatment of an employee’s or their family member’s illness or injury, or for specific needs related to family violence or sexual assault.
Delaware
Employers with 10 or more employees primarily working in Delaware must begin making payroll deductions for the Delaware Paid Family and Medical Leave Program. Employers are required to contribute 0.8% of wages, and they can require their employees to pay up to 50% of the cost of the program. The first contribution payment is due by April 30, 2025.
Maine
Maine employers are also required to begin making payroll deductions to the state’s Paid Family and Medical Leave Program. Unlike Delaware, the law applies to any employer with at least one employee based in Maine. Employers with 15 or more employees must contribute 1% of wages to the program, with the option to deduct up to 50% of this contribution from employees’ wages. Employers with fewer than 15 employees must contribute 0.5% of wages, and they can deduct the entire contribution from employees’ wages. Employers covered by this law must ensure they are registered in the Maine Leave Contributions Portal to start making payments. The first payment is due by April 30, 2025.
New York
New York now requires employers to provide all employees residing in the state with an additional 20 hours of paid prenatal personal leave for any healthcare services related to pregnancy. This includes services such as physical exams, medical procedures, testing, consultations with healthcare providers, end of pregnancy care, and fertility treatment. This leave is available only to the pregnant employee receiving healthcare services and does not extend to spouses, partners, or other support persons. Pregnant employees using this leave will be paid at their regular rate of pay or the applicable minimum wage rate, whichever is greater. Once the pregnancy concludes, the employee is no longer eligible for this additional leave.
Upcoming Changes in Other States
These are just a few of the state leave laws that took effect at the start of 2025. However, additional changes are on the horizon, including Michigan’s Earned Sick Time Act, effective February 21, 2025; Missouri’s paid sick leave law, effective May 1, 2025; and Nebraska’s paid sick leave law, effective October 1, 2025. As more laws are introduced throughout the year, staying informed about these changes is essential for ensuring compliance and effectively supporting employees.
Listen to this post
EnforceMintz —Could the Supreme Court’s Decision in Jarkesy Mean the End to HHS Civil Monetary Penalty Authorities as We Know Them?
Last June, the Supreme Court issued its decision in Securities and Exchange Commission v. Jarkesy, which holds that the Seventh Amendment entitles a defendant to a jury trial when the Securities and Exchange Commission (SEC) seeks to impose civil monetary penalties (CMPs) for a securities fraud violation. While the Jarkesy decision focused on the SEC’s administrative process, enforcement actions involving CMPs brought by other federal agencies, such as the Department of Health and Human Services (HHS), also proceed through an agency tribunal as opposed to a jury trial. In particular, the Centers for Medicare & Medicaid Services (CMS), which is part of HHS, has the authority to issue CMPs in countless circumstances.
As of the date of this article, we are not aware of any federal court case that specifically challenges HHS’s administrative CMP process, but parties are starting to assert Jarkesy-based arguments in appealing HHS administrative actions. For example, in November, the HHS Departmental Appeals Board (DAB) issued a decision on an appeal filed by a skilled nursing facility (SNF) that raised Jarkesy-based arguments. The SNF had challenged an administrative law judge’s (ALJ) decision to grant summary judgment in favor of CMS in a case where CMS imposed a CMP of $1,103 per day for 109 days of noncompliance with certain Medicare participation requirements. In pertinent part, the SNF moved for the DAB to remand and refund its CMP. The SNF argued that, based on Jarkesy, the ALJ proceeding to review the imposition of CMPs was “void ab initio,” that the ALJ did not have the constitutional authority to conduct its review, and that the CMP appeal should have been heard before a jury.
Ultimately, the DAB vacated the ALJ’s decision and remanded the matter for further proceedings consistent with the DAB’s decision. Notably, however, the DAB rejected the SNF’s Jarkesy arguments because (i) the SNF’s case concerns “an entirely separate statutory authority and regulatory scheme…as administered by [HHS],” (ii) Jarkesy does not apply to the Medicare administrative appeal regime, and (iii) the Supreme Court did not hold that every agency’s attempt to impose and support CMPs necessarily is a suit at common law that must be adjudicated by an Article III court (a point that was key to the Supreme Court’s decision). The DAB also emphasized that it is not the DAB’s role to invalidate any part of the Social Security Act or its implementing regulations. This point was consistent with the DAB’s longstanding approach that ALJs may not declare a statute or regulation to be unconstitutional or refuse to apply or follow a statute or regulation on that basis.
Surely, this proceeding will not be the last time the agency encounters a Jarkesy-based argument. It is only a matter of time before the question of whether and how Jarkesy applies to HHS’s CMP authorities finds its way before the courts. If such a challenge were to succeed, it could upend the agency’s enforcement process as we know it and lead to seismic shifts in the types of enforcement matters HHS prioritizes and pursues. For now, we imagine that HHS (and other agencies) are likely reviewing their CMP procedures and reliance on ALJs to oversee these proceedings for Jarkesy-related vulnerabilities.
EnforceMintz — Novel Criminal Charges and Emerging Civil Trends from Opioid Enforcement in 2024
In past years we have discussed how opioid-related enforcement efforts have remained a top federal and state priority (here, here, and here). In 2024, opioid-related enforcement efforts continued across the entire opioid supply chain, and two themes dominated the most significant opioid cases and resolutions of 2024. First, two major settlements from the past year highlight examples of allegations that crossed a line, prompting the government to pursue criminal charges. Second, a number of recent cases against pharmacies involve a common theory of liability based on the Controlled Substances Act (CSA), which served as the basis for civil liability under the False Claims Act (FCA).
Opioid-Related Criminal Resolutions
In February 2024, Endo, a pharmaceutical manufacturer that previously filed for bankruptcy, reached a global resolution of various criminal and civil investigations into the company’s sales and marketing of opioid drugs. The company agreed to pay the government $464.9 million over 10 years (though the actual total payment amount will likely be much lower due to bankruptcy).
To resolve the criminal investigation, Endo agreed to plead guilty to a one-count misdemeanor charge for violations of the federal Food, Drug, and Cosmetic Act (FDCA). That charge related to the company’s marketing of the drug’s purported abuse deterrence, tamper-resistant, or crush-resistant properties to prescribers, despite a lack of supporting clinical data. In the plea agreement, the company admitted responsibility for misbranding its opioid drug by marketing the drug with a label that failed to include adequate directions for its claimed abuse deterrence use, in violation of the FDCA.
More recently, in December 2024, McKinsey & Company, a worldwide management consulting firm, agreed to pay $650 million to resolve criminal and civil investigations related to the firm’s consulting work for Purdue Pharma, the maker of OxyContin. As noted in the government’s press release, the McKinsey resolution was the first time a management consulting firm has been held criminally responsible for its advice resulting in a client’s criminal conduct.
The two-count criminal charging document accused McKinsey of conspiring to misbrand a controlled substance and obstruction of justice. The conspiracy charge related to McKinsey’s work to “turbocharge” OxyContin sales by targeting high-volume opioid prescribers. The obstruction charge arose from the alleged deletion by a senior partner of certain documents related to the company’s work for Purdue. To resolve those charges, McKinsey entered into a five-year deferred prosecution agreement (DPA). Under the DPA, McKinsey agreed not to do any consulting work related to the marketing, sale, or distribution of controlled substances and agreed to implement significant changes to its compliance program. Separately, the former McKinsey senior partner who allegedly destroyed records relating to the company’s work for Purdue was charged with obstruction of justice and agreed to plead guilty to that charge.
These two resolutions are relevant to all entities in the opioid supply chain, from manufacturers to consultants and all stakeholders in between. Sales and marketing practices, or abuse deterrence claims or practices targeting prescribers based on volume, can lead to both civil liability and potential criminal exposure.
Pharmacies Face Potential FCA Liability Based on CSA Violations
On the civil side, three opioid enforcement actions were particularly noteworthy. Three years ago, we highlighted some of the first pharmacy-related resolutions, which showed that pharmacies were “next in line” for opioid related enforcement. In 2024, two substantial settlements involved alleged CSA violations giving rise to FCA liability. A third FCA lawsuit filed in December 2024 against the nation’s largest pharmacy shows that this trend will likely continue in 2025 and beyond.
In July 2024, Rite Aid and its affiliates agreed to settle allegations brought by the government related to its opioid dispensing practices. Rite Aid had previously filed for bankruptcy, so the settlement agreement involved a payment of $7.5 million, plus a general unsecured claim of $401.8 million in the bankruptcy case.
The government alleged that Rite Aid pharmacists dispensed unlawful prescriptions and failed to investigate “red flags” before dispensing opioid prescriptions, then improperly submitted claims to the government for reimbursement of those prescriptions. The government alleged that the company dispensed unlawful prescriptions by (1) filling so-called “trinity” prescriptions, which are a combination of opioid, benzodiazepine, and muscle relaxants; (2) filling excessive quantities of opioid prescriptions; and (3) filling prescriptions written by prescribers previously identified as suspicious by pharmacists.
Similarly, in December 2024, Food City, a regional grocery store and pharmacy based in Virginia agreed to pay $8.48 million to resolve allegations that it dispensed opioids and other controlled substances in violation of the CSA and the FCA. Like the Rite Aid case, the government alleged that these prescriptions were medically unnecessary, lacked a legitimate medical purpose, or were not dispensed pursuant to valid prescriptions. The government alleged that Food City ignored “red flags” including, among other things, (1) prescribers who wrote unusually large opioid prescriptions; (2) early refills of opioids; (3) prescriptions for unusual quantities or combinations of opioids; and (4) patients who were filling prescriptions for someone else, driving long distances to fill prescriptions, or paying cash for prescriptions.
Also in December 2024, the Department of Justice announced that it had intervened in a nationwide lawsuit alleging that CVS Pharmacy filled unlawful prescriptions in violation of the CSA and sought reimbursement for those prescriptions in violation of the FCA. The lawsuit is currently pending. The theory of liability asserted against CVS is similar to the Rite Aid and Food City cases: CVS allegedly filled unlawful prescriptions, ignored “red flags” of abuse and diversion, and sought reimbursement from federal health care programs for unlawful prescriptions in violation of the FCA.
Under the CSA and applicable regulations, pharmacists dispensing controlled substances, like opioids, have a “corresponding responsibility” to ensure that the prescription was issued for a legitimate medical purpose. 21 C.F.R. § 1306.04(a). Exercising that corresponding responsibility requires identifying and resolving “red flags” before filling a prescription. There is no defined list of what the government deems to constitute “red flags” and determining the existence of red flags is often context dependent. Because FCA lawsuits based on alleged CSA violations appear to be a growing trend, these three cases provide helpful guidance for companies seeking to mitigate risk by implementing corporate compliance programs designed to identify and resolve “red flags” related to opioid prescriptions.
California AG Issues AI-Related Legal Guidelines for Developers and Healthcare Entities
The California Attorney General published two legal advisories this week:
Legal Advisory on the Application of Existing California Laws to Artificial Intelligence
Legal Advisory on the Application of Existing California Law to Artificial Intelligence in Healthcare
These advisories seek to remind businesses of consumer rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, CCPA), and to advise developers who create, sell, or use artificial intelligence (AI) about their obligations under the CCPA.
Attorney General Rob Bonta said, “California is an economic powerhouse built in large part on technological innovation. And right alongside that economic might is a strong commitment to economic justice, workers’ rights, and competitive markets. We’re not successful in spite of that commitment — we’re successful because of it [. . .] AI might be changing, innovating, and evolving quickly, but the fifth largest economy in the world is not the wild west; existing California laws apply to both the development and use of AI. Companies, including healthcare entities, are responsible for complying with new and existing California laws and must take full accountability for their actions, decisions, and products.”
Advisory No. 1: Application of Existing California Laws to Artificial Intelligence
This advisory:
Provides an overview of existing California laws (i.e., consumer protection, civil rights, competition, data protection laws, and election misinformation laws) that may apply to companies that develop, sell, or use AI;
Summarizes the new California AI law that went into effect on January 1, 2025, such as:
Disclosure Requirements for Businesses
Unauthorized Use of Likeness
Use of AI in Election and Campaign Materials
Prohibition and Reporting of Exploitative Uses of AI
Advisory No. 2: Application of Existing California Law to Artificial Intelligence in Healthcare
AI tools are used for tasks such as appointment scheduling, medical risk assessment, and medical diagnosis and treatment decisions. This advisory:
Provides guidance under California law, i.e., consumer protection, civil rights, data privacy, and professional licensing laws—for healthcare providers, insurers, vendors, investors, and other healthcare entities that develop, sell, and use AI and other automated decision systems;
Reminds such entities that AI carries harmful risks and that all AI systems must be tested, validated, and audited for safe, ethical, and lawful use;
Informs such entities that they must be transparent about using patient data to train AI systems and alert patients on how they are using AI to make decisions affecting their health and/or care;
This is yet another example of how issues related to the safe and ethical use of AI will likely be at the forefront for many regulators across many industries.
EnforceMintz — Long Tail of Pandemic Fraud Schemes Will Likely Result in Continued Enforcement for Years to Come
In last year’s edition of EnforceMintz, we predicted that 2024 would bring an increase in False Claims Act (FCA) enforcement activity related to COVID-19 pandemic fraud. Those predictions proved correct. The COVID-19 Fraud Enforcement Task Force (CFETF), in conjunction with five COVID Fraud Enforcement Strike Forces and other government agencies, has resolved many significant criminal and civil pandemic fraud cases over the past year. In April 2024, the CFETF released a COVID-19 Fraud Enforcement Task Force 2024 Report (the CFETF Report) describing the CFETF’s recent efforts and including a plea for more fraud enforcement funding, which suggests that additional enforcement activity is on the horizon. While that funding request has thus far gone unheeded, we expect more civil pandemic fraud enforcement actions (and continuing criminal actions) in 2025.
Civil and Criminal Paycheck Protection Program (PPP) Fraud Enforcement
Since 2020, criminal PPP fraud has dominated COVID-19 fraud enforcement headlines, and 2024 was no different. Criminal fraud schemes have concerned common fact patterns involving fraudsters who (i) obtained funding to which they were not entitled, (ii) submitted false certifications or inaccurate information in a loan application, or (iii) submitted false certifications or inaccurate information in seeking loan forgiveness. However, in the past year, civil PPP fraud enforcement has begun to evolve.
In 2024, criminal PPP fraud enforcement broke up multiple COVID-19 fraud rings involving actors who fraudulently obtained loans for fictitious businesses, packed PPP applications with false documentation (provided in exchange for kickbacks), and falsely certified information regarding the number of employees and payroll expenses that would entitle them to PPP funding. Typical charges in these cases included wire fraud, bank fraud, making false statements to federally insured financial institutions, conspiracy, and money laundering.
On the civil side, PPP fraud enforcement seemed to increase in 2024. Interestingly, some civil PPP fraud cases involved schemes similar to criminal actions. Often the government’s decision to pursue such cases as civil, criminal, or both depends on the evidence of intentional fraud. For example, in January 2024, a clinic and its owners agreed to a $2 million judgment in connection with multiple fraudulent acts, including PPP fraud arising from their certification that they were not engaged in illegal activity and that their business suffered quarterly or year-over-year losses, therefore entitling them to PPP funding. In October 2024, one FCA recovery totaling $399,990 involved a home health agency and its owner who received two PPP loans after certifying that the company would receive only one. More recently, in December 2024, a private asset management company and its owner agreed to pay $680,000 to settle FCA allegations brought by a relator. The company and its owner allegedly falsely certified that PPP loans were economically necessary and included false statements in the information submitted when seeking forgiveness for the loan. Cases of this nature apparently did not rise to the level of criminal wrongdoing, in the government’s view.
A number of civil PPP fraud FCA cases from the past year involved increasingly complex theories and allegations. These more complicated fact patterns require years of investigation and are expensive. As a result, such fraud enforcement actions may have a “long tail” and continue for years to come.
For example, in May 2024, a private lender of PPP loans agreed to resolve allegations that it knowingly awarded inflated and fraudulent loans to maximize its profits, then sold its assets and bankrupted the company. The lawsuit was initiated by whistleblowers (known under the FCA as “relators”), including an accountant and former analyst in the lender’s collection department. As part of the settlement with the lender, the United States received a general unsecured claim in the bankruptcy proceeding of up to $120 million.
More recently, in December 2024, the United States intervened in a complaint against certain former executives of the lender who allegedly violated the FCA by submitting and causing the submission of false claims for loan forgiveness, loan guarantees, and processing fees to the Small Business Administration (SBA) in connection with lender’s participation in the PPP. When we discussed this case previously, we noted that we expected to see similar cases in the future brought against private lenders who failed to safeguard government funds. More broadly, we expect the trend of increasingly complex civil PPP fraud actions will continue in 2025.
Fraud Enforcement Involving Programs Administrated by the Health Resources and Services Administration (HRSA)
Provider Relief Fund (PRF) and Uninsured Program (UIP) fraud enforcement picked up in 2024. As described in the CFETF Report, the CFETF has leveraged an interagency network to make strategic improvements in how it investigates fraud. (Interagency collaboration is another theme from 2024, which we discuss more here.) The CFETF Report also describes a department-wide effort by the Department of Justice (DOJ) to roll out database tools to all US Attorney’s Offices to detect and investigate fraud. According to the CFETF Report, DOJ has analyzed more than 225 million claims paid by HRSA, the entity that dispensed PRF and UIP loans during the height of the pandemic. Closer investigatory scrutiny has led to increased enforcement actions.
PRF Fraud
Criminal PRF fraud enforcement resembled PPP enforcement from prior years, which was often based on theft or misappropriation theories. These enforcement actions often include charges against PRF recipients who either (i) retained funds to which they were not entitled or (ii) used PRF funds for ineligible expenses, like luxury goods. For example, in April 2024, a defendant who operated a primary care clinic pleaded guilty to theft and misappropriation of PRF funds. The defendant had certified that PRF funds would be used by the clinic only to prevent, prepare for, and respond to COVID-19. Despite making this representation, the clinic operator used the PRF funds for personal purposes, including cash withdrawals and the purchase of personal real estate, a luxury vehicle, a boat, and a trailer.
UIP Fraud
There were a number of noteworthy criminal UIP enforcement actions in 2024. In March 2024, a defendant was charged with filing fraudulent COVID-19 testing reimbursement, through the laboratory he managed, for COVID-19 testing that was never provided. The defendant allegedly obtained and used the personal identifying information of incarcerated or deceased individuals in connection with those claims. The indictment alleged that the defendant received $5.6 million in reimbursement and used those UIP funds to purchase property in South Florida.
Enforcement actions involving UIP funds involved significant alleged losses by the government. In February 2024, a defendant pleaded guilty to mail fraud and identity theft charges in what the government called “one of the largest COVID fraud schemes ever prosecuted.” The defendant and her co-conspirators filed more than 5,000 fraudulent COVID-19 unemployment insurance claims using stolen identities to unlawfully obtain more than $30 million in UIP fund benefits. To execute the scheme, the defendant and others created fake employers and employee lists using the personally identifiable information of identity theft victims. The defendant was sentenced to 12 years in prison, and seven co-conspirators have also pleaded guilty in connection with this large fraudulent scheme.
In one major civil FCA resolution, in June 2024, a group of affiliated urgent care providers agreed to pay $12 million to resolve allegations that they submitted or caused the submission of false claims for COVID-19 testing to the HRSA UIP. The government alleged that the providers knew their patients were insured at the time of testing (and in some instances had insurance cards on file for certain patients), yet they submitted claims (and caused laboratories to submit claims) to HRSA’s UIP for reimbursement. The resolution is noteworthy because the providers received a relatively low FCA damages multiplier as credit for cooperating with the government in its investigation under DOJ’s Guidelines for Taking Disclosure, Cooperation, and Remediation into Account in False Claims Act Matters. More information on DOJ’s efforts to encourage voluntary self-disclosure can be found in our related EnforceMintz article here.
Fraud Schemes Involving Respiratory Pathogen Panels
Fraud involving expensive respiratory pathogen panels (RPPs) has been in the spotlight since the beginning of the pandemic. In 2022, the Office of Inspector General for the Department of Health and Human Services (OIG) warned about laboratories with questionably high billing for tests submitted for reimbursement alongside COVID-19 tests, including RPPs. The OIG deemed this scenario as deserving of “further scrutiny.” Medicare reimbursed some outlier laboratories approximately $666 dollars for COVID-19 testing paired with other add-on tests while Medicare reimbursed approximately $89 for this same testing to the majority of laboratories. The trend in RPP fraud enforcement that we discussed last year continued in 2024: enforcement actions involved a mix of criminal and civil RPP fraud cases involving significant damages.
One laboratory owner was criminally charged with submitting $79 million in fraudulent claims to Medicare and Texas Medicaid for medically unnecessary RPP tests. The laboratory owner used the personal information of a physician — without the physician’s knowledge — to submit the claims even though the physician had no prior relationship with the test recipients, was not treating the recipients, and did not use the test results to treat the recipients. The government seized over $15 million in cash from this defendant.
In another case involving both criminal and civil charges, a Georgia-based laboratory and its owner agreed to pay $14.3 million to resolve claims that they paid independent contractor sales representatives volume-based commissions to recommend RPP testing to senior communities interested only in COVID-19 testing. The independent sales contractors used forged physician signatures and sham diagnosis codes to add RPP testing to requisition forms ordering only COVID-19 testing. The whistleblower in this case — the laboratory’s manager — is set to receive $2.86 million of the recovery.
As the government continues to deploy data analytics to identify outlier cases, we suspect enforcement actions involving COVID-19 companion testing will continue.
Future of COVID-19 Enforcement
Over four years from the enactment of the CARES Act, COVID-19 fraud enforcement continues to evolve. Since the beginning, the government has consistently pursued criminal cases involving misused or fraudulently obtained funds, fake COVID cures, and fake COVID testing. In 2022, the government extended the statute of limitations for PPP fraud from five to ten years, recognizing that more time was needed to investigate and prosecute fraud on these programs.
This past year, a broader range of pandemic fraud schemes were prosecuted criminally and civilly. These often data-heavy or analytics-based cases require a significant investment of time and resources. Recognizing the resources required for these more complicated matters, the CFETF called for increased funding and an extension of the statute of limitations for all pandemic-related fraud in the CFETF Report. As of the date of this publication, that request has not yet been answered. It thus appears the funding request will be determined by the new administration.
Despite uncertainty around future funding for COVID-19 fraud enforcement, we anticipate more criminal and high-dollar civil enforcement actions in 2025. The CFETF Report described 1,200 civil pandemic fraud matters pending as of April 1, 2024, for which DOJ had obtained more than 400 judgments or settlements totaling over $100 million. This leaves approximately 800 pending civil matters, and untold billions in fraudulently obtained funds still in the hands of fraudsters. Despite uncertainty around future fraud enforcement funding, as a general matter, fraud enforcement has bipartisan support. Either way, employees, related parties, and patient relators — with the support of sophisticated relator’s counsel — will likely continue to bring pandemic fraud cases in the coming years. Overall, COVID-19 fraud enforcement is unlikely to slow down in 2025.