Largest mass shooting in U.S. history renews calls for changes to federal health policy

At 2:00 a.m. on Sunday, June 12, 2016, a man with an AR-15 assault rifle, a handgun, and another “device” walked into Pulse, a gay nightclub in Orlando, and carried out the deadliest mass shooting in American history. He killed 49 individuals, and wounded 53 others, before he was shot and killed by police.

According to Orange County Government Director of Health and Public Safety Dr. George Ralls, the nightclub’s location, approximately two blocks from Level 1 trauma center Orlando Regional Medical Center, where surgeons performed more than 30 surgeries on victims of the shooting, saved lives. Having a trauma center equipped to deal with the severe injuries inflicted, as well as resulting infections and other complications, is a “saving grace” for the tragedy, said Ralls.

Much of the public outcry following the attack is focused on whether the shooter was part of a terrorist organization or how the shooter was able to obtain the weapons. For public health advocacy groups, however, this tragedy is a reminder of federal laws and regulations which, they say, hinder their abilities to prevent similar massacres and properly treat patients in their aftermath.

Gun control research funding ban

In 1996, Rep. John Dickey (R-Ark) proposed an amendment to the omnibus consolidated appropriations act for fiscal year 1997 (P.L. 104-208) reading, “That none of the funds made available for injury prevention and control at the Centers for Disease Control and Prevention [CDC] may be used to advocate or promote gun control.” That same language has been included in each successful appropriations act passed since then; in 2011, the appropriations act for fiscal year 2012 expanded the funding ban to the National Institutes of Health (NIH) (P.L. 112-74). The Patient Protection and Affordable Care Act (ACA) (P.L. 111-148) includes an additional provision prohibiting HHS, health plans, and other databases from collecting information about firearm possession, use, or storage.

In a January 16, 2013, memorandum, President Barack Obama directed the HHS Secretary, through the Director of the CDC and other HHS scientific agencies to “conduct or sponsor research into the causes of gun violence and the ways to prevent it.” However, no funding has been appropriated to the research, and the CDC has not taken any action.

There have been multiple calls to end the research ban. In April 2016, a letter to the leaders of the Senate and House appropriations committees from 141 health care, public health, and scientific organizations asked Congress to provide the CDC with funding for research into the causes and prevention of gun violence. At the end of May 2016, Democrat members of the House of Representatives signed a letter asking House leadership to remove amendments freezing gun violence research from future appropriations bills.

Two days after the Pulse shooting, the American Medical Association (AMA) announced that the organization, the largest association of physicians and medical students in the United States and one of the signatories of the April 2016 letter, will actively lobby Congress to overturn the research ban. Calling gun violence a public health crisis, AMA President Steven J. Stack, M.D. said, “Even as America faces a crisis unrivaled in any other developed country, the Congress prohibits the CDC from conducting the very research that would help us understand the problems associated with gun violence and determine how to reduce the high rate of firearm-related deaths and injuries. An epidemiological analysis of gun violence is vital so physicians and other health providers, law enforcement, and society at large may be able to prevent injury, death and other harms to society resulting from firearms.”

FDA blood donor policy

When the HIV/AIDS epidemic began over 30 years ago, the FDA implemented a lifetime ban on blood donations from men who have sex with men (MSM), regardless of risk factors. Since at least 1997, the American Association of Blood Banks, the Red Cross, and America’s Blood Centers have advocated revising the policy and removing the lifetime ban because advances in blood screening technology and the scientific community’s increasing understanding of the HIV/AIDS virus rendered the ban medically and scientifically unwarranted. HHS convened a non-partisan group of scientific experts in 2010 for the Advisory Committee on Blood Safety and Availability. The Committee concluded that the lifetime ban should be changed because it prohibits low-risk donors from giving blood, but allows donations from high-risk individuals.

The FDA updated its policy in a December 23, 2014, announcement from then-Commissioner Margaret Hamburg, M.D. The change lifted the lifetime ban on blood donations from MSM, permitting donations if at least one year has elapsed since the donor’s last sexual contact with another man. The FDA noted  that the new policy, which went into effect in December 2015, would align blood centers’ treatment of MSM more closely to the treatment of other individuals who have engaged in behaviors that increase their risk of AIDS.

This change was met with mixed reactions. Responses to ending the lifetime ban have generally been positive, however, the 12-month deferral excludes many men who are in monogamous relationships and present no risk of HIV transmission while not deferring donations from women who have had many sexual partners, unless they are prostitutes.

In the wake of the Pulse shooting, people all over Florida, including many members of the LGBTQ community, rushed to donate blood to meet the needs of the injured victims. Due to the FDA policy, many would-be donors were turned away. Over 100 bipartisan members of the House and 24 bipartisan members of the Senate sent letters to FDA Commissioner Robert A. Califf, M.D., asking for an update on implementation of the 12-month deferral policy, and expressing their hopes that the agency will continue moving toward a less discriminatory and more science-based policy.

House passes bill to raise some off-campus hospital outpatient department rates

Some off-campus hospital outpatient departments (HOPDs) could be grandfathered into receiving outpatient payment rates under a piece of legislation passed by the House. The legislation—known as “The Helping Hospitals Improve Patient Care Act” (HHIPCA) (H.R. 5273)—would provide an exception to new off-campus HOPD payment rules for off-campus facilities that were “mid-build” when the Bipartisan Budget Act of 2015 (BBA) (P.L.114-74) was enacted. According to the Congressional Budget Office (CBO), the legislation, which also seeks to modify other Medicare payment rules, would increase direct spending by $50 million over the 2017 to 2021 period and decrease direct spending by $14 million over the 2017 to 2026 period.

HOPDs

The BBA’s HOPD payment rules require that Medicare pay for services furnished in new off-campus facilities as though those they were performed in an office or ambulatory surgical center. The new legislation would exempt mid-build HOPDs—facilities that were under construction on November 2, 2015—from the BBA rule and allow them to continue to receive outpatient rates at those facilities (see Lawmakers lend hospitals helping hand to improve patient care, Health Law Daily, May 19, 2016). The CBO estimates that the payment exception for mid-build HOPDs would be the most costly part of the legislation, increasing net Medicare spending by $750 million over the 2017-2026 period. The bill would also cut direct spending by $750 million over that same period by reducing the inpatient prospective payment system (IPPS) payment rate by 0.04 percent in fiscal year (FY) 2018.

Cancer hospitals

The legislation would also provide an exemption to the HOPD payment rules for cancer hospitals. Under the proposed law, cancer hospitals at new off-campus locations would continue to be paid at cancer hospital rates. The law would implement an attestation requirement for cancer hospitals seeking the higher payment rates and give HHS $2 million to audit those attestations. Overall, the CBO estimates, the cancer hospital provisions of the HHIPCA would increase direct spending by $20 million over the 2017 to 2021 period but have no net budgetary effect over the 2017 to 2026.

EHRs

The law would also exempt eligible professionals based in ambulatory surgical centers (ASCs) from punishment under the electronic health record (EHR) meaningful use program. The exemption from compliance with EHR standards would apply to payments made in calendar years 2017 and 2018 and continue with the Merit-Based Incentive Payment System (MIPS) beginning in 2019. The CBO estimates that the exemption would exempt approximately 2000 ASC-based professionals from penalties related to EHR use—penalties that the CBO expects to average about $3000 per professional. The CBO estimates that the EHR provision would increase direct spending by $17 million over the 2017 to 2026 period.

Medicaid plans as shifting as the sands, states weighing options

State Medicaid programs continue to change in response to various factors, from Florida changing its hepatitis C treatment policy to favor patients, to non-expansion states considering the financial impact of potential options. Louisiana just began enrolling the newly eligible this week, and the state projects that many more will seek coverage. South Dakota’s governor is employing some creative techniques to argue that expansion will not cost the state additional funds, and North Carolina is trying to shift plan oversight to outside organizations.

Florida and Hepatitis C

Florida is now providing vital medications to Medicaid patients with hepatitis C at an earlier stage of the disease. In the past, patients have only been offered the drug when they were at fibrosis level three or four, which indicates a high level of scar tissue in the liver and is sometimes the point where patients are in need of a transplant. These drugs are expensive to the program, costing as much as $31,000 each month. Florida amended its program criteria on June 1, 2016, removing the fibrosis level from the criteria.

Louisiana, welcome to Medicaid expansion

Louisiana opened its enrollment process to those newly eligible under the program’s expansion on June 1. The Department of Health and Hospitals (DHH) projects that about 375,000 individuals will eventually receive coverage under the expansion, although the department has been communicating with about 175,000 people about qualification. It is uncertain what effect this will have on other Louisiana health issues, such as doctor training programs. Budgetary problems, including proposed cuts to hospitals, is causing residents to go out of state for training- where they are likely to stay. Safety net hospitals, which treat many poor and uninsured patients, are particularly concerned about the reduction in funding as the state legislature attempts to resolve a budget shortfall.

Utah’s expansion comes with much less fanfare

After Utah’s legislature decided to pass a very reduced expansion plan, one that Democrats bemoaned as a “cruel trick” and “fiscal insanity,” little has been said about the matter–an extreme contrast to years of fighting over the plan of action. The plan will provide coverage to somewhere around 10,000 citizens, a reduced estimate from the original 16,000 tally. Officials expect that the money to be invested in the expansion will not stretch far to cover very many residents due to the high health costs associated with those who have gone without care. Although there has been an opportunity for hearings and public comment, the state has received little input. Some blame the timing of hearings, which would require those interested to come in during a workday, while others believe that the public feels that the legislature is uninterested in their opinions.

North Carolina seeks waiver

North Carolina is requesting that CMS allow it to transfer Medicaid oversight to three managed care organizations and provider-led entities. Although a representative felt that the state provider community has embraced the plan, the state legislature is less than united. The state Senate recently unanimously rejected House changes to its reform bill, which would require the state agency to provide progress reports and disclose a work plan for changes to be made to state health care programs.

South Dakota wants to expand Medicaid without spending more money

South Dakota Governor Dennis Daugaard (R) believes that he can figure out how to expand the state’s Medicaid program to cover about 50,000 more citizens without increasing state spending. Although he believes the math can work if the federal government shoulders more Medicaid costs for Native Americans in the state, the governor is concerned about pushback from the legislature.

Lawmakers consider legislation that would give HHS a new cybersecurity leader

Lawmakers believe HHS needs to take additional steps to improve its information security protections. The House Committee on Energy and Commerce, Subcommittee on Health, held a hearing on May 25, 2016, to examine HHS’ current cybersecurity responsibilities and to consider proposals to strengthen the agency’s data security. Lawmakers heard testimony from industry experts and considered the impact of measures like the HHS Data Protection Act (H.R. 5068)—proposed legislation designed to make the HHS Chief Information Security Officer (CISO) a presidential appointee and a peer, rather than a subordinate, of the HHS Chief Information Officer (CIO). The hearing was premised on an understanding that lapses in agency data protections are due to organizational structures that favor informational operations over informational security.

Organizational change

The organizational change in the office of the HHS CIO and CISO would represent an important transition that mirrors steps many health care organizations are currently undergoing in their own organizational structures, according to the testimony of Samantha Burch, Senior Director of Congressional Affairs at Healthcare Information and Management Systems Society (HIMSS). Because hacking the health care sector has become easier and more profitable than ever before, Burch noted that a comprehensive, planned, and coordinated approach is necessary for health organizations and governmental agencies to avoid breaches. She also noted that elevating the CISO to be a peer of the CIO reflects an acknowledgement that “information security has evolved into a risk-management activity.”

Challenges

Joshua Corman, Director of the Cyber Statecraft Initiative at the Atlantic Council, testified that part of the difficulty with developing cybersecurity protections is that cybersecurity is a relatively new field. He acknowledged that significant breaches have occurred, even when entities are engaged in “best practices.” Corman noted that the threat only increases as “we connect everything in the Internet of Things.” He explained that as society places greater reliance on information technology, cybersecurity efforts must “rise in kind.”

Leadership

Mac McMillan, Chief Executive Officer at CynergisTek, Inc., testified that the organizational change is important because what most health care organizations lack, in terms of cyber security, is leadership—a void that would be filled by the elevated position of the CISO under the HHS Data Protection Act. As cybersecurity threats increase, McMillan explained that now, more than ever, the health care industry needs a leader to develop credible cybersecurity frameworks, standards, resources, and investments.

Reporting

Marc Probst, the CIO of Intermountain Healthcare, discussed potential reporting structures for a CISO—a topic which received attention from all of the experts. Probst pointed to the example of Intermountain Healthcare, where the CISO reports directly to the CIO (Probst). He noted that, at Intermountain Healthcare, the reporting structure is not a focus point and, instead, the organization prioritizes appropriate checks and balances for security plan development and execution. He also gave examples of other organizations where the CISO reported to different entities. Probst explained that where the CISO should report is dependent on the way the CISO role is defined by an organization. With respect to the HHS Data Protection Act, Probst encouraged lawmakers to consider the potential negative consequences of making the CISO a presidential appointment, due to the possibility that it could hamper the agency’s ability to affect change.