Fraud and abuse risks in digital health: What tech companies need to know about healthcare enforcement – Part II

6 min read

White & Case Tech Newsflash

For companies looking to monetize their hard-earned innovations in digital health, there is a minefield of potential healthcare enforcement to avoid. As discussed in Part I of this alert, such healthcare enforcement can lead to significant criminal and civil penalties. Common risk areas are well known to pharmaceutical, medical device and other traditional healthcare companies. However, the challenge for a technology company making its first foray into healthcare is both to appreciate these traditional healthcare compliance risks and to determine the unique ways these risks may map onto the uncharted landscape of digital health.

Some threshold questions to ask include:

  • Will the FDA regulate the particular product as a medical device?
  • Does the product raise any concerns with off-label promotion, i.e., if a drug manufacturer will be using the technology to encourage non-approved dosages of a medication or other unapproved uses?
  • Is there any possibility of the product encouraging testing, medical services or medication use beyond what a government payor might deem medically necessary?

One of the most important risks to explore is whether the government might contend that any arrangements involve kickbacks in violation of the Anti-Kickback Statute. Particularly in the context of digital health, such kickback risk could be non-obvious. 

The types of potential kickbacks fall into three categories: kickbacks to patients; kickbacks to healthcare providers (and other decision-makers); and kickbacks to the technology company.


Kickbacks to patients

Digital-health companies that provide products or services to Medicare or Medicaid patients should examine any policies or programs that assist with or waive patients' copayments, give out free products or condition free products on a future purchase. Routinely waiving copayments or providing patient financial assistance without individualized determinations of a patient's financial needs could violate the Anti-Kickback Statute and the False Claims Act. Government enforcers also view indirect patient financial assistance, such as funding charities that help indigent patients pay for healthcare products, as potentially creating illegitimate incentives to increase the use of such products.

One issue of particular note in digital health is the recent trend toward providing companion mobile medical apps or other digital tools to patients when they receive a prescription medication. This could draw enforcement scrutiny, as such companion apps could be considered an item of value to induce purchases of certain drugs. This practice also could be deemed to cause inaccurate price reporting. For example, if the price of a drug does not increase, but the patient now receives additional "value" in the form a companion app or digital tool, the government might ask whether the app is a kickback to induce purchases of the drug, or if the "value" of the app should be accounted for in reporting the price of the drug (vs. the price of the app).


Kickbacks to healthcare providers

Digital-health companies should scrutinize payments, services, or products provided to healthcare providers and other decision-makers, such as pharmacy benefit managers (PBMs) and pharmacy and therapeutics (P&T) committees. Law enforcement may examine such transactions to determine whether any part of the value provided was intended to induce decisions to approve or prescribe a product or service that the government reimburses. Most typically, the value of a potentially problematic transaction would exceed fair-market value.

Certain activities, such as physician speaker programs and consulting payments for physicians, commonly are subject to government scrutiny. Regulators also look into the provision of free data, below-market leases of equipment and sales of products with an expectation of future purchases, such as future purchases of a complementary product. 

In the context of digital health, this might come into play as:

  • Providing what the government might claim are "free" data or decision-making supports to physicians, for example, where a physician might receive the results from a patient self-monitoring app, where the app is sponsored by a drug manufacturer and designed to increase use of that manufacturer's drug or
  • Providing free or below-market-value technology to physicians with the expectation that any loss will be covered by future purchases or prescriptions of a related drug or other product that will be reimbursed by a government payor, for example, where the technology provided by a manufacturer allows the physician to more effectively diagnose a rare disease, the sole treatment for which is that manufacturer's drug.

Demonstrating the potential breadth of kickbacks to healthcare providers, the US District Court for the District of Massachusetts recently refused to dismiss a case alleging that Regeneron Pharmaceuticals had provided kickbacks by funding a charity that covered patients' Medicare copayments for Regeneron's Eylea product. The court noted that these charitable donations not only could constitute "remuneration" to the patients, but also could be unlawful "value" provided to physicians "by saving physicians' time that might be spent on explaining copays and assessing patients' financial hardship, removing the financial risk to physicians if they prescribed a drug that patients could not pay them back for, appeasing staff and patients, and generating increased business due to satisfied patients." 

One can imagine similar arguments being made as to why a wide variety of digital solutions could provide "value" to healthcare providers.


Kickbacks to a technology company

Another source of potential kickback exposure is any sort of payments or financial sponsorship that would influence referrals for services or suggestions for products. As we noted in Part 1 of this alert, Practice Fusion, an electronic-health-records (EHR) vendor, paid US$145 million in criminal fines and as part of a civil settlement of FCA claims. The company had received payments from drug manufacturers to promote prescriptions of the "sponsoring" companies' drugs as part of clinical decision support criteria in their EHR platform.



The time to consider these healthcare fraud and abuse issues is when a digital-health innovator is trying to determine how to transform its potential life-changing invention into a viable business plan. Within the sphere of digital health, who is involved may be more important than what beneficial results an innovation might achieve. For example, a technology to improve diagnosis or treatment may be laudable on its own but potentially problematic to the extent it is owned or influenced by a company that stands to increase sales of its medical products based upon use of the technology. 

Advance planning is necessary to ensure guardrails are in place to protect against any potential violation—even unwitting—of the Anti-Kickback Statute or the web of other healthcare laws and regulations. While many transactions and arrangements ultimately may be defensible, it is preferable to avoid government scrutiny or the appearance of potential concerns in the first place.

With that in mind, all companies in the digital health arena—like traditional healthcare companies—would do well to adopt an adequate (and adequately funded) compliance program consistent with the expectations that the Department of Justice and the Office of Inspector General of the Department of Health and Human Services have outlined.


1 United States v. Regeneron Pharm., Inc., Civil Action No. 20-11217-FDS, 2020 U.S. Dist. LEXIS 227643, at *29 (D. Mass. Dec. 4, 2020).


This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.
© 2021 White & Case LLP