In the Wake of the Safe Harbor Updates - Key Takeaways

What Pharmaceutical & Medical Technology Manufacturers Need to Know About the Safe Harbor Updates

At the end of 2020 the Department of Health and Human Services (“DHHS”) Office of Inspector General (“OIG”) issued the Final Rule adding new safe harbors and amending existing safe harbors to the U.S. Federal Anti-Kickback Statute (“AKS”) and the Civil Monetary Penalties ("CMP") Law. The Final Rule became effective on January 19, 2021.

Below we have summarized changes made to four existing AKS safe harbors that are relevant for pharmaceutical and medical technology makers. Following that, we’ve included the seven new safe harbors and the CMP law update, which, with limited exceptions, are largely not available to manufacturers.

Personal Services and Management Contracts Safe Harbor

Changes to the Personal Services and Management Contracts Safe Harbor impact pharmaceutical and medical technology manufacturers in the following three key ways:

1. Rather than requiring that aggregate compensation be set in advance, the safe harbor now requires that the compensation methodology be set in advance;
2. Specifying the exact schedule, length, and intervals of part-time services is no longer required; and
3. Lastly, the safe harbor now applies to certain outcome-based payment arrangements.

For those familiar with structuring contracts to meet the Personal Services and Management Contracts Safe Harbor, you will recall that the previous language that required periodic or part-time consulting agreements to specify “exactly the schedule of such intervals, their precise length, and the exact charge for such intervals.” Thankfully, this element of the safe harbor was removed entirely.

Additionally, the safe harbor previously required companies to identify and set in advance the total compensation (or “cap”) paid over the term of the agreement in the written contract. Now, only the methodology for determining payment is required to be set in advance, e.g., setting an hourly rate to be paid for the services outlined.

Of course, compensation must still be consistent with fair market value in an arm’s length transaction and cannot be determined in a manner that takes into account the volume or value of referrals or business generated between the parties.

These changes allow more flexibility and certainty for parties entering into a fee-for-service arrangement, e.g., for a physician entering a speaker bureau consultancy with a manufacturer. The previous requirement to set a cap on aggregate compensation in advance was tricky and burdensome.

Also, it was nearly impossible to specify in advance, with any level of precision and certainty, the exact schedule, length, and intervals of part-time services to be performed by a consultant. By design, consultants are typically used on an “as needed” basis.

With these updates, parties to a consulting arrangement can be more confident that the arrangement will fit within the Personal Services and Management Contracts Safe Harbor.

A new section was also added to the Personal Services and Management Contracts Safe Harbor to protect certain outcomes-based payment arrangements. This extension of the safe harbor protects certain payments made to the agent related to improvement in quality of patient care outcome measures as part of a separate outcome-based payment arrangement.

Warranties Safe Harbor

Warranties that cover any payment or exchange of value (e.g., free replacement product) are commonly offered by manufacturers to customers. The Warranties Safe Harbor is available to any type of entity. Previously, the warranty safe harbor only protected warranties on the sale of a single item.

The definition of “warranty” was revised and protection was added for bundled warranties covering one or more items and related services. See § 1001.952(g). Warranties for service-only sales are still not protected.

It is important to note that this safe harbor still only covers actions taken and the provision of items necessary to effect a warranty and does not shield from prosecution the provision of free or discounted items or services that have independent value to a buyer.

With this expanded protection of warranties, the government added two additional requirements to the Warranties Safe Harbor:

1. Bundled warranties (i.e., covering both items and services) must be "reimbursed by the same Federal health care program and in the same Federal health care program payment"; and
2. Warranties must not be conditioned on the buyer’s “exclusive use of” or a “minimum purchase of” any of the supplier’s items or services.

Electronic Health Records Safe Harbor

Software companies should pay particular attention to these updates. At a high-level, the Electronic Health Records Safe Harbor has been updated to protect certain cybersecurity software and services (e.g., electronic health record or "EHR" providers) donations and to update the definition of "interoperable" software.

The Final Rules also removed the December 31, 2021 sunset date. See § 1001.952(y).

Local Transportation Safe Harbor

The Local Transportation Safe Harbor, which was added in 2016, was updated to increase the mileage limits for transportation from rural areas from 50 to 75 miles. Now, the maximum distance a patient can be transported from an inpatient facility upon discharge to a residence is 75 miles. See § 1001.952(bb).

New Value-Based Safe Harbors

Although the updates remove some roadblocks allowing companies to follow along with the shift by DHHS toward value- and outcomes-based care arrangements, pharmaceutical and medical technology manufacturers are largely ineligible for protection from these new safe harbors.

Nevertheless, there are some notable updates to four existing safe harbors that could impact manufacturers.

The Final Rule adds seven new safe harbors to the AKS. The new safe harbors primarily relate to protecting coordinated care and outcome-based arrangements, which aligns with DHHS' broader initiative:

1. Care Coordination Arrangements to Improve Quality, Health Outcomes, and Efficiency (§ 1001.952(ee));
2. Value-Based Arrangements With Substantial Downside Financial Risk (§ 1001.952(ff));
3. Value-Based Arrangements With Full Financial Risk (§ 1001.952(gg));
4. Patient Engagement and Support (§ 1001.952(hh));
5. CMS-Sponsored Models (§ 1001.952(ii));
6. Cybersecurity Technology and Services (§ 1001.952(jj)); and
7. Medicare shared savings ACO beneficiary incentives. (§ 1001.952(kk)).

Who can use these new safe harbors? Unfortunately, not drug or device makers.

Per the Final Rule, the OIG includes a lengthy list of entities that are “ineligible” to use most of the new safe harbors, including:

Pharmaceutical manufacturers, distributors, and wholesalers; pharmacy benefit managers (PBMs); laboratory companies; pharmacies that primarily compound drugs or primarily dispense compounded drugs; manufacturers of devices or medical supplies; entities or individuals that sell or rent durable medical equipment, prosthetics, orthotics and supplies (DMEPOS) (other than a pharmacy or a physician, provider, or other entity that primarily furnishes services); and medical device distributors and wholesalers. [Emphasis added.]

The only new safe harbor that some device or medical supply companies may be able to utilize is the Care Coordination Safe Harbor. This safe harbor is available to “limited technology participants,” which may include manufacturers of a medical device or medical supply, but curiously is NOT available for manufacturers that have, or will be, reporting physician ownership or investment interests under the Federal Physician Payments Sunshine Act (a.k.a., Open Payments).

For those eligible medical device and medical supply companies, digital health technology is defined as “hardware, software, or services that electronically capture, transmit, aggregate, or analyze data and that are used for the purpose of coordinating and managing care; such term includes any internet or other connectivity service that is necessary and used to enable the operation of the item or service for that purpose.” See 42 CFR 1001.952(ee)(14)(iii).

Along with pharmaceutical manufacturers, DMEPOS companies are also excluded from using the Care Coordination Safe Harbor. To justify their ineligibility, the OIG cites its enforcement experience with DEMPOS companies revealing "persistent and troubling fraud and abuse in sectors of the DMEPOS industry." See Final Rule at 77784.

Civil Monetary Penalties ("CMP") Law Update

The CMP Law allows for penalties to be exacted against someone that offers or transfers “remuneration” to a Medicare or state health care program (e.g., Medicaid) beneficiary when the person knows or should have known that the offer or transfer of remuneration is likely to influence the beneficiary’s selection of a particular provider, practitioner, or supplier for an item payable by Medicare or a state health care program.

Title 42 of U.S.C. Section 1320a–7a(i)(6) defines ‘‘remuneration’’ to include "transfers of items or services for free or for other than fair market value". The CMP Law also includes a number of exceptions to the definition of ‘‘remuneration.’’ An exception to the definition of "remuneration" was added to the CMP Law, which allows for certain telehealth technologies to be provided to qualified in-home dialysis patients. See 42 CFR 1003.110.

This new exception protects arrangements where telehealth technologies (defined below) are provided by the provider of services, physician, or the renal dialysis facility that is currently providing the in-home dialysis to patients with end-stage renal disease (ESRD) receiving home dialysis.

Telehealth technology is defined as “hardware, software, and services that support distant or remote communication between the patient and provider, physician, or renal dialysis facility for diagnosis, intervention, or ongoing care management.” See 42 CFR 1003.110.

The new exception only protects arrangements where the telehealth technology is provided by the physician, provider of services, or facility, and would not protect a drug or device maker supplying the technology.

Need assistance?

Contact the Gardner Law Compliance team, led by Mark Gardner, MBA, JD and Amanda Johnston, JD, RAC to assist your organization with designing, implementing, auditing, and monitoring a compliance program that will help your organization maintain compliance with the Anti-Kickback Statute, the False Claims Act, the Civil Monetary Penalties Law, the Stark Law, the Physician Payments Sunshine Act (Open Payments), the Food, Drug and Cosmetic Act, HIPAA/HITECH, Federal Trade Commission Act, among other laws.