On March 2, 2023, the Federal Trade Commission (FTC) announced that it had reached a $7.8 million settlement with mental health and online counseling platform, BetterHelp, Inc. (“BetterHelp”). The FTC alleged that BetterHelp shared consumers’ sensitive health data combined with other personal information (PI) with third party advertising platforms without first obtaining affirmative consent and

Ryan P. Blaney
Ryan Blaney represents health care, life science, and technology clients in a range of regulatory, enforcement, internal investigative and transactional matters, with particular expertise in privacy law, life sciences and digital health. He also has expertise in regulatory compliance, counseling clients on a range of matters, including health care fraud and abuse, third party reimbursement, data breach issues, data privacy and security, and FDA regulatory matters. He has substantial experience in pharmaceutical lifecycle management and competition issues, including the Hatch- Waxman Act and Biosimilars Price Competition and Innovations Act.
Ryan serves information technology companies, public and private health care companies, hospitals and physician organizations, manufacturers, medical device companies, and health plans. He guides venture capital groups, private equity funds, investment banks, and other investors on health care regulatory issues in connection with financing, mergers and acquisitions, and restructuring.
Ryan’s work is greatly informed by his experience as a teacher. Prior to attending law school, Ryan earned a master’s degree in education and taught at an under-resourced Catholic middle school. He is known for his ability to communicate clearly and to coordinate large teams working on complex matters. Outside of his health law practice, Ryan has been repeatedly recognized for his public service and pro bono work. He has successfully handled numerous education-related cases, helped establish three nonprofit organizations and defended qualified recipients of disability benefits.
OIG Issues Special Fraud Alert Regarding Telemedicine Arrangements
On July 20, 2022, the Office of Inspector General for the Department of Health and Human Services (“OIG”) issued a special fraud alert (“Alert”) advising “practitioners to exercise caution when entering into arrangements with purported telemedicine companies.” The Alert is only one of four such “special fraud alerts” that the OIG has issued in the past decade and it illustrates the importance of OIG’s statements.
OIG Flags Seven Characteristics of Telehealth Fraud
In the Alert, OIG cautions that certain companies that purport to provide telehealth, telemedicine, or telemarketing services (collectively, “Telemedicine Companies”) have carried out fraudulent schemes by: (i) aggressively recruiting physicians and non-physician practitioners (collectively, “Providers”) and (ii) paying kickbacks to such Providers in exchange for the ordering of unnecessary items or services, including durable medical equipment, genetic testing, and other prescription items. According to OIG, the fraudulent schemes have varied in design and operation and involved a variety of individuals, Providers, and health care vendors, including call centers, staffing companies, and marketers.…
Continue Reading OIG Issues Special Fraud Alert Regarding Telemedicine Arrangements
HHS Issues HIPAA Guidance on Remote Communication Technologies for Audio-Only Telehealth
The Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), recently issued new regulatory guidance relating to covered entities’ HIPAA-compliant use of remote communication technologies for audio-only telehealth services. This guidance is a direct response to a December 2021 Executive Order that tasked HHS with developing HIPAA guidance for telehealth services, with the stated goals of improving “patient experience and convenience” as the COVID-19 public health emergency subsides. HHS has issued this guidance in anticipation of the national public health emergency ending, at which time OCR’s Telehealth Notification loses effect.
The new HIPAA guidance affects covered entities in four key ways.…
Department of Health and Human Services Issues Request for Information on Cybersecurity Standards
The Department of Health and Human Services (“HHS”) has issued a formal request for information from the public about how regulated entities are implementing industry recognized security practices. The request for information represents a chance for the private sector to contribute to HHS regulation. Interested parties have until June 6, 2022 to submit comments.
HHS…
OIG Approves Cash Equivalents Paid to Patients Participating in Contingency Management Program Offered Through Digital Health Technology
Contingency management (CM) is a form of intervention treatment program that incentivizes patients with substance use disorders to observe certain conditions—such as non-use of drugs or alcohol confirmed via urine drug screening or breathalyzer test, or even drug therapy adherence—in exchange for something of monetary value. Adherence is often tracked and confirmed by those that provide the incentive payment through digital health technologies—including apps that can be downloaded to the patient’s smart phone or that are already downloaded to a smart phone provided to the patient as part of a CM program. While many contend that CM is an effective, evidence-based treatment, certain legal barriers limit, and often prevent, its widespread adoption and use. When there is the potential for patients to receive items and services payable by Federal health care programs (FHCPs), CM incentives are subject to scrutiny under the Federal anti-kickback statute (AKS) and the Beneficiary Inducements CMP. A recent advisory opinion issued by the United States Department of Health and Human Services (HHS), Office of Inspector General (OIG), approved a digital health company’s offer to provide cash equivalents to patients participating in a CM program. This favorable result continues to demonstrate OIG’s flexibility notwithstanding regulatory precedent or guidance appearing to the contrary.
…
Continue Reading OIG Approves Cash Equivalents Paid to Patients Participating in Contingency Management Program Offered Through Digital Health Technology
Diagnosing Distress: Top 5 Challenges for Private Credit Lenders in Health Care Restructurings
A variety of conditions may be conspiring against businesses in certain segments of the health care industry. These include reduced patient census at skilled nursing and other long-term care facilities, COVID regulations that limit the ability of providers to give (or patients to receive) various forms of treatment and patients choosing to delay lucrative elective…
HHS Offers Increased Flexibility Regarding the Use of Provider Relief Fund Grant Money and Associated Data Reporting Obligations
This is the second of two posts discussing the June 11, 2021 updates to the PRF reporting requirements and FAQs.
As discussed in our earlier blog post, on June 11, 2021, the U.S. Department of Health and Human Services (“HHS”) released revised COVID-19 Provider Relief Fund (“PRF”) Reporting Requirements, superseding all prior versions of reporting requirements issued by HHS, along with associated revised PRF FAQs, Reporting Portal FAQs, and a Reporting Portal Registration User Guide that each make conforming changes. In addition to the new deadlines discussed in the prior post, the June 11 PRF updates offer providers more clarity into the the priority of eligible uses, required reporting elements, and instructions on how to return unused funds.…
In Significant Update to the Provider Relief Fund, HHS Sets New Deadlines for Providers to Spend PRF Grant Money and Report Uses
This is the first of two posts discussing the June 11, 2021 updates to the PRF reporting requirements and FAQs.
On June 11, 2021, the U.S. Department of Health and Human Services (“HHS”) released revised COVID-19 Provider Relief Fund (“PRF”) Reporting Requirements, superseding all prior versions of reporting requirements issued by HHS, along with associated revised PRF FAQs, Reporting Portal FAQs, and a Reporting Portal Registration User Guide that each make conforming changes. The updated Reporting Requirements come just three weeks prior to when PRF recipients would have been required to expend all received funds and when reporting was scheduled to commence (July 1, 2021).
Significantly, the updates give providers a longer runway to use funds, clarify the definition of “COVID-19 patient”, and provide insight into potential upcoming PRF distributions. The updated Reporting Requirements represent the Biden Administration’s first actions to modify the PRF, which distributes federal grants to help providers offset revenue shortfalls and expenses incurred due to the COVID-19 pandemic.…
Propelled by COVID-19, State Governments Attempt to Keep Up With Telemedicine Innovation and Digital Health Platforms
As is the case with most new technologies or significant industry innovations, companies embracing and driving the disruptions often move very fast in a legal and political landscape that is always playing catch-up. This is very true for the fast-growing telemedicine and digital health industries. However, likely motivated by COVID-19, state governments are moving faster than they traditionally do to pass new regulations and to extend certain regulatory waivers.
COVID-19 required a shift in the delivery of medical care with the state and local lockdowns. During the pandemic, the United States Department of Health and Human Services (HHS) has issued guidance on various compliance waivers and enhanced flexibility. Governors across the country issued executive orders to help address the requirements of providing ongoing medical care while maintaining proper social distancing (e.g., New Mexico, Texas, etc.). The result was more people receiving medical care remotely. Similar to the realization by many that working from home was not only feasible but in some cases preferable, many also came to the conclusion that a trip to the doctors’ office was not necessary for the treatment of certain conditions. …
Continue Reading Propelled by COVID-19, State Governments Attempt to Keep Up With Telemedicine Innovation and Digital Health Platforms
Federal Vaccination Tracking Raises Privacy Concerns
Although vaccine rollout began slowly in the United States, millions of people are now being vaccinated against COVID-19 per day. As individuals receive the vaccine, states have been collecting personal health data in individual immunization registries. Experts say this data collection is essential to effectively monitor vaccination progress, report adverse reactions, compare vaccine efficacy in cross sections of the population, and keep track of who needs second doses and when.
Continue Reading Federal Vaccination Tracking Raises Privacy Concerns