News & Insights  |  Media Mentions

Related Professionals

Practice Areas


Patricia O'Connell
Senior Communications Manager

Health Care Practice Co-Chair Kirk Nahra Comments on Top Health Law Issues for 2013

Bloomberg BNA’s Health Law Reporter
January 10, 2013

Kirk Nahra, co-chair of Wiley Rein’s Health Care Practice, was interviewed by Bloomberg BNA for a story on the top health law issues of 2013.

Mr. Nahra was among attorneys who said those issues will include Medicaid, fraud, health plan regulation and health information technology. The top issues are “all pieces of a nationally crucial (and incredibly intricate) puzzle,” Mr. Nahra told Bloomberg BNA. “You can’t take one without the other in most of the situations.”

He predicted that this year’s discussion of fraud and abuse policies will track the overall approach on health care reform, and said the government should be expected to aggressively pursue true fraud.

“What the government needs to avoid, however, is the ‘gotcha’ mentality of pursuing technical or interpretation violations where there is a realistic confusion in the regulations,” Mr. Nahra said.

He added that the government’s increasing ability to combat fraud and abuse through technology, using programs like prepay reviews, will be important this year.

“This is a way for the government to protect itself without the need for aggressive criminal and false claims sanctions,” Mr. Nahra told Bloomberg BNA. “I also would like to see a renewed focus on appropriate compliance programs, particularly with the government providing reasonable and current guidance to update many of the programs that have grown stale over the past few years.”

Regulation of health plans is intrinsically linked to health care reform initiatives and related fallout this year, Mr. Nahra said. “Private insurance obviously is a critical component of overall health care reform...but the fact of the matter is that the line between public and private is blurring—because of the enormous variety of new government programs—and this blurring is only going to continue,” he said.

“The biggest question over the next few years is whether the health insurance industry will actively participate in this wide variety of new programs, and how the development of new insurance exchanges will affect both the viability of private health insurance and the continued focus of employment as the core element in health insurance coverage,” Mr. Nahra added. “A movement away from employer-based coverage will be a fundamental development, and will be a critical element to watch.”

Mr. Nahra said another top issue will be the U.S. Department of Health and Human Services’ (HHS) long-awaited release of a final rule that updates several major health care privacy regulations. Some of the revisions are required under the 2009 Health Information Technology for Economic and Clinical Health (HITECH) Act.

“The administration has to issue these rules in 2013,” Mr. Nahra said. The delay “is itself causing problems, there is no reasonable excuse for taking this long. With that said, we can also hope that the rules will match the HITECH law relatively closely, without getting into new and unexpected areas that were not part of the proposed rules.”

Mr. Nahra said a key point to watch is whether there will be “meaningful change” to a rule that requires entities covered by the Health Insurance Portability and Accountability Act (HIPAA) to notify individuals and HHS of any breaches to their unsecured protected health data.

Based on “the experience to date, there is no obvious reason to change the rule,” because breaches are being reported “even in many situations where the actual risk of harm” posed by the breach “is quite small,” he said.

Another major issue is “how far downstream the HIPAA business associate requirements will flow, particularly for full compliance with the HIPAA Security Rule,” Mr. Nahra told Bloomberg BNA. “HHS should impose a ‘reasonable and appropriate’ standard on downstream entities, rather than full HIPAA compliance.”

Mr. Nahra added that business associates will need to be “in full compliance with the HIPAA Security Rule” seven months from the date of the rule’s publication. “This is a significant challenge, and one where business associates should start now on these efforts,” he said.