Brenna Jenny
How hospitals can get ahead of the coming CMS price transparency enforcement wave
September 22, 2021
By Brenna E. Jenny
The Centers for Medicare & Medicaid Services (“CMS”) appears poised to prioritize enforcement of the Hospital Price Transparency regulations. Although there has been an absence of penalties to date, the tide is turning as the new administration gains its footing and a widespread interest in healthcare price transparency sweeps the nation. Despite the pandemic’s continued demands on healthcare providers, hospitals should take steps to come into compliance with the hospital price transparency regulations by the time heightened penalties may go into effect next year.
Key regulatory requirements
The Hospital Price Transparency regulations went into effect on January 1, 2021, following dismissal of a provider lawsuit that was upheld by the D.C. Circuit Court of Appeals on December 29, 2020. The regulations require hospitals to establish, update, and make public two sets of information: first, a list of all standard charges for all items and services in a comprehensive machine-readable file, and second, a consumer-friendly list of standard charges for a set of at least 300 shoppable services (70 of which are identified by CMS, and the remaining selected by the hospital). Alternatively, hospitals can satisfy the shoppable services requirement by maintaining an internet-based price estimator tool that allows consumers to obtain an estimate of the amount they will need to pay the hospital for each shoppable service.
Standard charges for the machine-readable files are defined to include five different charges: gross charge, payer-specific negotiated charge, de-identified minimum negotiated charge, de-identified maximum negotiated charge, and discounted cash price. Standard charges for the shoppable services must include all but the gross charge, unless no discounted cash price is available. The regulations include further technical specifications relating to the location and formatting of the required disclosures, including that they be displayed prominently on a publicly-available website and be accessible free of charge and without barriers such as a log-in name or password.
A number of publicly available studies conducted in the first half of 2021 revealed low estimated rates of hospital compliance with these new requirements. For example, a March 2021 Health Affairs analysis concluded that 65% of large hospitals reviewed were “unambiguously noncompliant,” and an April 2021 Kaiser Family Foundation review of 100 hospitals found that although approximately 80% of those hospitals disclosed gross prices in a machine-readable file and a display of shoppable services, only 34% of hospitals posted payor-specific negotiated charges in the machine-readable file and only 3% displayed payor-specific negotiated charges for shoppable services.
A slow start to CMS enforcement
CMS has authority to monitor hospital compliance with the price transparency requirements, including by evaluating complaints made by individuals or entities to CMS, reviewing an individual or entity’s analysis of a hospital’s noncompliance, or conducting audits of hospital websites. If CMS concludes that a hospital is noncompliant with one or more of the price transparency requirements, it may take any of the following steps, generally but not necessarily in this order: issue a written warning to the hospital of the specific violation(s), request a corrective action plan if noncompliance constitutes a material violation of the regulations, or impose a civil monetary penalty (“CMP”) of up to $300 per day (updated annually for inflation).
Even before the D.C. Circuit affirmed the viability of the regulations, CMS issued a public statement underscoring its intent vigorously to enforce the transparency rules. On December 18, 2020, CMS announced that it “plans to audit a sample of hospitals for compliance starting in January” 2021.
But changes in administrations often yield a temporary lull in enforcement as new political leadership is onboarded and triages time-sensitive matters they would like to take in a new policy direction. Areas in which a new administration agrees with the prior one—as is largely the case within HHS on price transparency—can fall by the wayside. As a result, many in the industry were unsurprised when CMS’s announcement was not accompanied by any immediate enforcement actions. Although CMS did follow through on its threat to initiate at least some audits immediately in early 2021, it confirmed this summer that its response was limited to issuing warning letters. Pandemic burdens on providers may also have contributed to CMS’s decision not to impose harsh penalties for violations.
CMS appears ready to make enforcement a priority
There are signs that CMS’s willingness to tolerate hospital noncompliance may soon be coming to a close. President Biden’s wide-ranging July 9, 2021 executive order on “promoting competition in the American economy” specifically directed the Secretary of Health and Human Services (“HHS”) to “support existing price transparency initiatives for hospitals….” The Biden administration’s endorsement of this Trump-era regulation underscores how price transparency has become a popular, bipartisan issue. This regulation also dovetails with similar transparency requirements in a payor version of the Hospital Price Transparency regulations—portions of which go into effect on January 1, 2022—as well as ancillary transparency requirements imposed by Congress in the No Surprises Act, which is a federal surprise medical billing law passed in late December 2020 that will also largely go into effect on January 1, 2022.
CMS’s support appears to be taking the form of incentivizing broader compliance through higher penalties. The regulations currently authorize CMPs of up to $300 per day, regardless of the number of violations by a hospital, with a resulting annual ceiling of $109,500 per year. When CMS initially finalized these regulations, the agency characterized this rate as “commensurate with the level of severity of the potential violation, taking into consideration that nondisclosure of standard charges does not rise to the level of harm to the public as other violations (such as safety and quality issues) for which CMS imposes CMPs, and therefore, [it] should remain at a relatively lower level.”
But explaining that the agency is now “concerned by what appears to be a trend towards a high rate of hospital noncompliance,” CMS in a proposed rule released in August announced plans to significantly increase financial penalties for noncompliance, effective January 1, 2022. If CMS finalizes this proposal, hospitals with 30 beds or less will still face CMPs of $300 per day, but hospitals with 31 to 550 beds would be penalized up to $10 per bed per day, or a per-day penalty of up to $5,500. Hospitals with more than 550 beds would face the same ceiling, resulting in an annual penalty of $2,007,500. The penalty rates would still remain flat regardless of the number of violations.
CMS also took the opportunity in this proposed rule to criticize observed practices that it views as violating the regulatory prohibition on erecting barriers to accessing price information. For example, CMS noted that some hospital websites have been coded in ways that “hinder the findability of a web page that contains a link to the machine-readable file,” and that others have implemented “anti-automation tools such as requiring users to pass tests proving they are human users prior to accessing the file” or are requiring users to agree to “all terms and conditions in a legal disclosure.” CMS hints that even if hospitals are posting the requisite data, failure to meet access standards could still result in CMPs.
Against the backdrop of a national mood increasingly in favor of price transparency in the healthcare industry, HHS Secretary Xavier Becerra’s enforcement background looms large. Prior to joining HHS, Secretary Becerra served as the California Attorney General, and in that position he took a very active role in healthcare enforcement. He can be expected to take the same approach in his new position, and under his leadership, HHS will be more likely to take on direct enforcement actions, rather than leaving other entities, such as the Department of Justice, to pursue indirect enforcement, such as through the federal False Claims Act.
Compliance tips
Hospitals should view CMS’s proposed rule as a warning that the grace period for noncompliance is closing and to minimize risk, take steps to post at least a good faith effort at the requisite information files by January 1, 2022. But unfortunately coming into compliance is not necessarily a simple task. Many hospitals have criticized CMS’s estimated compliance costs—$11,898.60 per hospital in year one, with “minimal burden on hospitals for remaining compliant” going forward—as grossly unrealistic.
Hospitals can expect that they will need to aggregate a cross-functional team comprised of operations, network system administrators, revenue cycle management, and lawyers. Structural implementation decisions should be made as soon as possible, such as whether to use paid claims or data from contract management systems, and which 230 shoppable services to post (CMS suggests these should be selected at least in part based on the frequency at which they were provided in the prior year). Special consideration should be given to identifying the charges for service packages, as these rates will not be specifically listed in existing chargemasters but must nonetheless be calculated and disclosed.
Hospitals should also decide whether, based on their existing infrastructure for providing price estimates, it would be preferable to satisfy the shoppable services requirement by instead maintaining an internet-based price estimator tool. This decision may be influenced by how the hospital plans to come into compliance with related requirements under the No Surprises Act to provide advance good faith estimates of costs for out-of-network services.
Finally, to the extent hospitals must take positions on ambiguous regulatory provisions, they should document the reasonable basis for their interpretation. This documentation can provide a possible basis for challenging CMPs in the future.
About the author: Brenna E. Jenny is a partner in Sidley Austin’s Healthcare group. Until January 2021, she served as the Principal Deputy General Counsel at the Department of Health and Human Services and the Chief Legal Officer for CMS.
The Centers for Medicare & Medicaid Services (“CMS”) appears poised to prioritize enforcement of the Hospital Price Transparency regulations. Although there has been an absence of penalties to date, the tide is turning as the new administration gains its footing and a widespread interest in healthcare price transparency sweeps the nation. Despite the pandemic’s continued demands on healthcare providers, hospitals should take steps to come into compliance with the hospital price transparency regulations by the time heightened penalties may go into effect next year.
Key regulatory requirements
The Hospital Price Transparency regulations went into effect on January 1, 2021, following dismissal of a provider lawsuit that was upheld by the D.C. Circuit Court of Appeals on December 29, 2020. The regulations require hospitals to establish, update, and make public two sets of information: first, a list of all standard charges for all items and services in a comprehensive machine-readable file, and second, a consumer-friendly list of standard charges for a set of at least 300 shoppable services (70 of which are identified by CMS, and the remaining selected by the hospital). Alternatively, hospitals can satisfy the shoppable services requirement by maintaining an internet-based price estimator tool that allows consumers to obtain an estimate of the amount they will need to pay the hospital for each shoppable service.
Standard charges for the machine-readable files are defined to include five different charges: gross charge, payer-specific negotiated charge, de-identified minimum negotiated charge, de-identified maximum negotiated charge, and discounted cash price. Standard charges for the shoppable services must include all but the gross charge, unless no discounted cash price is available. The regulations include further technical specifications relating to the location and formatting of the required disclosures, including that they be displayed prominently on a publicly-available website and be accessible free of charge and without barriers such as a log-in name or password.
A number of publicly available studies conducted in the first half of 2021 revealed low estimated rates of hospital compliance with these new requirements. For example, a March 2021 Health Affairs analysis concluded that 65% of large hospitals reviewed were “unambiguously noncompliant,” and an April 2021 Kaiser Family Foundation review of 100 hospitals found that although approximately 80% of those hospitals disclosed gross prices in a machine-readable file and a display of shoppable services, only 34% of hospitals posted payor-specific negotiated charges in the machine-readable file and only 3% displayed payor-specific negotiated charges for shoppable services.
A slow start to CMS enforcement
CMS has authority to monitor hospital compliance with the price transparency requirements, including by evaluating complaints made by individuals or entities to CMS, reviewing an individual or entity’s analysis of a hospital’s noncompliance, or conducting audits of hospital websites. If CMS concludes that a hospital is noncompliant with one or more of the price transparency requirements, it may take any of the following steps, generally but not necessarily in this order: issue a written warning to the hospital of the specific violation(s), request a corrective action plan if noncompliance constitutes a material violation of the regulations, or impose a civil monetary penalty (“CMP”) of up to $300 per day (updated annually for inflation).
Even before the D.C. Circuit affirmed the viability of the regulations, CMS issued a public statement underscoring its intent vigorously to enforce the transparency rules. On December 18, 2020, CMS announced that it “plans to audit a sample of hospitals for compliance starting in January” 2021.
But changes in administrations often yield a temporary lull in enforcement as new political leadership is onboarded and triages time-sensitive matters they would like to take in a new policy direction. Areas in which a new administration agrees with the prior one—as is largely the case within HHS on price transparency—can fall by the wayside. As a result, many in the industry were unsurprised when CMS’s announcement was not accompanied by any immediate enforcement actions. Although CMS did follow through on its threat to initiate at least some audits immediately in early 2021, it confirmed this summer that its response was limited to issuing warning letters. Pandemic burdens on providers may also have contributed to CMS’s decision not to impose harsh penalties for violations.
CMS appears ready to make enforcement a priority
There are signs that CMS’s willingness to tolerate hospital noncompliance may soon be coming to a close. President Biden’s wide-ranging July 9, 2021 executive order on “promoting competition in the American economy” specifically directed the Secretary of Health and Human Services (“HHS”) to “support existing price transparency initiatives for hospitals….” The Biden administration’s endorsement of this Trump-era regulation underscores how price transparency has become a popular, bipartisan issue. This regulation also dovetails with similar transparency requirements in a payor version of the Hospital Price Transparency regulations—portions of which go into effect on January 1, 2022—as well as ancillary transparency requirements imposed by Congress in the No Surprises Act, which is a federal surprise medical billing law passed in late December 2020 that will also largely go into effect on January 1, 2022.
CMS’s support appears to be taking the form of incentivizing broader compliance through higher penalties. The regulations currently authorize CMPs of up to $300 per day, regardless of the number of violations by a hospital, with a resulting annual ceiling of $109,500 per year. When CMS initially finalized these regulations, the agency characterized this rate as “commensurate with the level of severity of the potential violation, taking into consideration that nondisclosure of standard charges does not rise to the level of harm to the public as other violations (such as safety and quality issues) for which CMS imposes CMPs, and therefore, [it] should remain at a relatively lower level.”
But explaining that the agency is now “concerned by what appears to be a trend towards a high rate of hospital noncompliance,” CMS in a proposed rule released in August announced plans to significantly increase financial penalties for noncompliance, effective January 1, 2022. If CMS finalizes this proposal, hospitals with 30 beds or less will still face CMPs of $300 per day, but hospitals with 31 to 550 beds would be penalized up to $10 per bed per day, or a per-day penalty of up to $5,500. Hospitals with more than 550 beds would face the same ceiling, resulting in an annual penalty of $2,007,500. The penalty rates would still remain flat regardless of the number of violations.
CMS also took the opportunity in this proposed rule to criticize observed practices that it views as violating the regulatory prohibition on erecting barriers to accessing price information. For example, CMS noted that some hospital websites have been coded in ways that “hinder the findability of a web page that contains a link to the machine-readable file,” and that others have implemented “anti-automation tools such as requiring users to pass tests proving they are human users prior to accessing the file” or are requiring users to agree to “all terms and conditions in a legal disclosure.” CMS hints that even if hospitals are posting the requisite data, failure to meet access standards could still result in CMPs.
Against the backdrop of a national mood increasingly in favor of price transparency in the healthcare industry, HHS Secretary Xavier Becerra’s enforcement background looms large. Prior to joining HHS, Secretary Becerra served as the California Attorney General, and in that position he took a very active role in healthcare enforcement. He can be expected to take the same approach in his new position, and under his leadership, HHS will be more likely to take on direct enforcement actions, rather than leaving other entities, such as the Department of Justice, to pursue indirect enforcement, such as through the federal False Claims Act.
Compliance tips
Hospitals should view CMS’s proposed rule as a warning that the grace period for noncompliance is closing and to minimize risk, take steps to post at least a good faith effort at the requisite information files by January 1, 2022. But unfortunately coming into compliance is not necessarily a simple task. Many hospitals have criticized CMS’s estimated compliance costs—$11,898.60 per hospital in year one, with “minimal burden on hospitals for remaining compliant” going forward—as grossly unrealistic.
Hospitals can expect that they will need to aggregate a cross-functional team comprised of operations, network system administrators, revenue cycle management, and lawyers. Structural implementation decisions should be made as soon as possible, such as whether to use paid claims or data from contract management systems, and which 230 shoppable services to post (CMS suggests these should be selected at least in part based on the frequency at which they were provided in the prior year). Special consideration should be given to identifying the charges for service packages, as these rates will not be specifically listed in existing chargemasters but must nonetheless be calculated and disclosed.
Hospitals should also decide whether, based on their existing infrastructure for providing price estimates, it would be preferable to satisfy the shoppable services requirement by instead maintaining an internet-based price estimator tool. This decision may be influenced by how the hospital plans to come into compliance with related requirements under the No Surprises Act to provide advance good faith estimates of costs for out-of-network services.
Finally, to the extent hospitals must take positions on ambiguous regulatory provisions, they should document the reasonable basis for their interpretation. This documentation can provide a possible basis for challenging CMPs in the future.
About the author: Brenna E. Jenny is a partner in Sidley Austin’s Healthcare group. Until January 2021, she served as the Principal Deputy General Counsel at the Department of Health and Human Services and the Chief Legal Officer for CMS.