Photo of Ryan P. Blaney

Ryan Blaney represents health care, life science, and technology clients in a range of regulatory, enforcement, internal investigative and transactional matters, with particular expertise in privacy law, life sciences and digital health. He also has expertise in regulatory compliance, counseling clients on a range of matters, including health care fraud and abuse, third party reimbursement, data breach issues, data privacy and security, and FDA regulatory matters. He has substantial experience in pharmaceutical lifecycle management and competition issues, including the Hatch- Waxman Act and Biosimilars Price Competition and Innovations Act.

Ryan serves information technology companies, public and private health care companies, hospitals and physician organizations, manufacturers, medical device companies, and health plans. He guides venture capital groups, private equity funds, investment banks, and other investors on health care regulatory issues in connection with financing, mergers and acquisitions, and restructuring.

Ryan’s work is greatly informed by his experience as a teacher. Prior to attending law school, Ryan earned a master’s degree in education and taught at an under-resourced Catholic middle school. He is known for his ability to communicate clearly and to coordinate large teams working on complex matters. Outside of his health law practice, Ryan has been repeatedly recognized for his public service and pro bono work. He has successfully handled numerous education-related cases, helped establish three nonprofit organizations and defended qualified recipients of disability benefits.

On June 27, 2023, the Office of Inspector General (“OIG”) for the U.S. Department of Health and Human Services (“HHS”) released its final rule (“Final Rule”) implementing penalties for information blocking.

The Final Rule codifies the prohibition on “information blocking” introduced by the 21st Century Cures Act (“Act”), which was enacted on December 13, 2016. In the Act, “information blocking” was defined as any activity that, in part, is “likely to interfere with, prevent, or materially discourage access, exchange, or use” of electronic health information (“EHI”).[1] The Final Rule provides an enforcement process for alleged information blocking violations by health information networks, health information exchanges, and developers of health IT certified by the HHS Office of the National Coordinator for Health Information Technology (“ONC”). Enforcement of the information blocking penalties will begin on September 1, sixty days after publication of the final rule in the Federal Register.Continue Reading OIG Issues Final Information Blocking Enforcement Rule and Highlights the Potential for Referrals to the FTC and FCA Liability

On June 16, 2023, the Supreme Court (the “Court”) in United States ex rel. Polansky v. Executive Health Resources affirmed the federal government’s power to dismiss a False Claims Act (“FCA”) action brought under the qui tam provisions whenever it chooses to intervene. Polansky is the second FCA case this summer in which the Court has ruled in favor of the federal government—i.e., the Department of Justice, acting through the Attorney General (“DOJ”). Writing for an 8-1 majority, Justice Kagan explained that DOJ receives considerable deference, even over the objection of the individual who raised the action (i.e., the relator or whistleblower), to dismiss cases that are inconsistent with DOJ’s interests.
Continue Reading Recent Supreme Court Case Affirms Government’s Power to Dismiss Qui Tam Suits

In a unanimous opinion, the United States Supreme Court (“Court”) recently held that the False Claims Act’s (“FCA”) scienter requirement refers to a defendant’s knowledge and subjective beliefs, rather than what a hypothetical reasonable person could have known or believed.  As supported by the text of the FCA itself and by its common‑law roots, the Court explained that the “focus is what a defendant thought when submitting a claim—not what a defendant may have thought after submitting it.”  Consequently, the Court vacated the holding of the Seventh Circuit and remanded the matter for further proceedings consistent with the Court’s opinion.  Because the Seventh Circuit had affirmed a Federal district court’s grant of the defendants’ motions for summary judgment, the Court’s opinion effectively revives the FCA claim against the defendants.
Continue Reading The Supreme Court’s Ruling Narrows Available FCA Scienter Defenses

We previously wrote about the United States Department of Justice’s (“DOJ”) Civil Cyber-Fraud Initiative (“CCFI”), which “aims to hold accountable entities or individuals that put U.S. information or systems at risk by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches.”  In that post, we summarized DOJ’s first two False Claims Act (“FCA”) resolutions pursuant to the CCFI, which amounted to more than $9 million in recoveries.
Continue Reading Another Resolution by DOJ Pursuant to its Civil Cyber-Fraud Initiative Highlights Continued Efforts to Hold Companies Accountable for Ensuring Data are Secured

On March 2, 2023, the Federal Trade Commission (FTC) announced that it had reached a $7.8 million settlement with mental health and online counseling platform, BetterHelp, Inc. (“BetterHelp”). The FTC alleged that BetterHelp shared  consumers’ sensitive health data combined with other personal information (PI) with third party advertising platforms without first obtaining affirmative consent and

On July 20, 2022, the Office of Inspector General for the Department of Health and Human Services (“OIG”) issued a special fraud alert (“Alert”) advising “practitioners to exercise caution when entering into arrangements with purported telemedicine companies.” The Alert is only one of four such “special fraud alerts” that the OIG has issued in the past decade and it illustrates the importance of OIG’s statements.

OIG Flags Seven Characteristics of Telehealth Fraud

In the Alert, OIG cautions that certain companies that purport to provide telehealth, telemedicine, or telemarketing services (collectively, “Telemedicine Companies”) have carried out fraudulent schemes by: (i) aggressively recruiting physicians and non-physician practitioners (collectively, “Providers”) and (ii) paying kickbacks to such Providers in exchange for the ordering of unnecessary items or services, including durable medical equipment, genetic testing, and other prescription items. According to OIG, the fraudulent schemes have varied in design and operation and involved a variety of individuals, Providers, and health care vendors, including call centers, staffing companies, and marketers.Continue Reading OIG Issues Special Fraud Alert Regarding Telemedicine Arrangements

The Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), recently issued new regulatory guidance relating to covered entities’ HIPAA-compliant use of remote communication technologies for audio-only telehealth services. This guidance is a direct response to a December 2021 Executive Order that tasked HHS with developing HIPAA guidance for telehealth services, with the stated goals of improving “patient experience and convenience” as the COVID-19 public health emergency subsides. HHS has issued this guidance in anticipation of the national public health emergency ending, at which time OCR’s Telehealth Notification loses effect.

The new HIPAA guidance affects covered entities in four key ways.Continue Reading HHS Issues HIPAA Guidance on Remote Communication Technologies for Audio-Only Telehealth

The Department of Health and Human Services (“HHS”) has issued a formal request for information from the public about how regulated entities are implementing industry recognized security practices. The request for information represents a chance for the private sector to contribute to HHS regulation. Interested parties have until June 6, 2022 to submit comments.

HHS

Contingency management (CM) is a form of intervention treatment program that incentivizes patients with substance use disorders to observe certain conditions—such as non-use of drugs or alcohol confirmed via urine drug screening or breathalyzer test, or even drug therapy adherence—in exchange for something of monetary value.  Adherence is often tracked and confirmed by those that provide the incentive payment through digital health technologies—including apps that can be downloaded to the patient’s smart phone or that are already downloaded to a smart phone provided to the patient as part of a CM program.  While many contend that CM is an effective, evidence-based treatment, certain legal barriers limit, and often prevent, its widespread adoption and use.  When there is the potential for patients to receive items and services payable by Federal health care programs (FHCPs), CM incentives are subject to scrutiny under the Federal anti-kickback statute (AKS) and the Beneficiary Inducements CMP.  A recent advisory opinion issued by the United States Department of Health and Human Services (HHS), Office of Inspector General (OIG), approved a digital health company’s offer to provide cash equivalents to patients participating in a CM program.  This favorable result continues to demonstrate OIG’s flexibility notwithstanding regulatory precedent or guidance appearing to the contrary.
Continue Reading OIG Approves Cash Equivalents Paid to Patients Participating in Contingency Management Program Offered Through Digital Health Technology

A variety of conditions may be conspiring against businesses in certain segments of the health care industry.  These include reduced patient census at skilled nursing and other long-term care facilities, COVID regulations that limit the ability of providers to give (or patients to receive) various forms of treatment and patients choosing to delay lucrative elective