Colorado Issues New COVID-19 Directives & Guidance to ALRs

On March 23, 2020, the Colorado Department of Public Health & Environment (CDPHE) issued further Directives and Guidelines applicable to Assisted Living Residences (ALRs).

CDPHE Letter Regarding ALR Visitation Requirements:

  1. Home health and hospice workers operating under physician’s orders may be essential visitors, as considered on a case-by-case basis with the resident’s physician.
     
  2. All visitors permitted after screening must perform hand hygiene, use Personal Protective Equipment (PPE), and restrict their visit to the resident’s room or other designated location.
     
  3. Essential visitors entering under compassionate care situations or as vendors must be screened and then also limited to a specific room.

CDPHE Directives and Guidelines also highlight the following:

  1. If a resident has a suspected COVID-19 case:  Consider telehealth or nurseline options instead of calling EMS.  In Colorado, telehealth is covered by all insurance plans.  Services are available here.
     
  2. For people experiencing COVID-19  symptoms:  Not everyone with symptoms needs to be immediately tested, but if the resident has mild symptoms, isolate the resident and avoid unnecessary contact until he/she: (1) has had no fever for at least 72 hours; (2) other symptoms have improved; and (3) at least 7 days have elapsed since the symptoms first appeared.   Increased precautions and directives are provided for residents with more serious or sever symptoms.
     
  3. Communities who are aware of a resident with COVID-19:  Report the case to the county public health agency.  Log other individuals who interacted with the afflicted resident and be able to report all staff who had interactions. 
     
  4. Resident Rights:  There is a right to personal and community engagement and residences may not restrict a resident from leaving unless living in a locked and secure environment.  However, strongly encourage residents to stay-in-place and screen returning residents.  Gordon & Rees attorneys advise that for those Communities in Denver, residents must be educated about and comply with the Stay at Home Order issued on March 23, 2020 and revised on March 24, 2020.
     
  5. Infection Control Practices:  Re-train all staff on infection control policies and reinforce hygiene directives.
     
  6. Stimulating Self-Isolating Residents:  Consider alternate communication methods with technology and provide other activities.  Make routine, safe-distance checks on isolated residents.

Visit our COVID-19 Hub for ongoing updates.

Denver Ordered to Stay Home, Certain Healthcare Operations Excluded

On March 23, 2020, Denver Public Health Administrator Robert McDonald issued a Stay at Home Order.  The Order requires all individuals in the City and County of Denver to stay at home, except for limited essential activities, including “Healthcare Operations.”  Individuals are permitted to leave their homes to both work at and obtain services from these Healthcare Operations.

The Order provides the following list of examples of Healthcare Operation, but notes the term will be construed broadly to avoid any impacts to the delivery of healthcare.  Finally, health clubs, fitness and exercise gyms, and similar facilities are not included in the exemption.

Healthcare Operations:

  • Hospitals, clinics, and walk-in health facilities;
  • Medical and dental care, excluding elective procedures;
  • Research and laboratory services;
  • Medical wholesale and distribution;
  • Home health care companies, workers, and aides;
  • Pharmacies;
  • Pharmaceutical and biotechnology companies;
  • Behavioral health care providers;
  • Nursing homes, residential health care, or congregate care facilities;
  • Medical supplies and equipment manufacturers and providers, or any related and/or ancillary healthcare services;
  • Veterinary care, livestock services, and all healthcare services provided to animals; and
  • Animal shelters and pet boarding services.

Visit our COVID-19 Hub for ongoing updates.

CMS Updates Guidance for Visitation in Nursing Homes

On Friday, March 13, 2020, Centers for Medicare & Medicaid Services (CMS) again revised its guidance for infection control and prevention of COVID-19 in nursing homes – this time to include guidance for visitation.

The new guidance applies to all facilities nationwide and calls for a restriction on visitation of all visitors and non-essential health care personnel. If a state issues a more restrictive ban, a surveyor cannot cite the facility for noncompliance with visitation requirements when complying with heightened state orders. Facilities should notify all potential visitors to defer visitation through signage posted at entrances/exits, letters, emails, phone calls, recorded messages, and other means by which the facility normally communicates.

Exceptions to the Restriction

1. Cases of compassionate care or end-of-life

These visits are to be evaluated on a case-by-case basis. Before a visitor is permitted into the facility, they must undergo careful screening for symptoms of respiratory illness including fever, cough, shortness of breath, or sore throat. If the potential visitor has any of these symptoms, they should not be allowed in the facility at any time.

If the visitor is permitted, facilities must require the visitor to frequently perform hand hygiene and use personal protective equipment, including a facemask. The visit should be limited to a specific room. This could either be the resident’s own room or another room designated by the facility.

2. Health care workers

Health care workers are permitted into facilities given they meet the criteria outlined by the CDC here.

3. Surveyors

Surveyors must be allowed to enter, unless they are exhibiting symptoms of respiratory illness.

Monitoring after Visitation

Facilities should advise any individual who is allowed in the facility to monitor themselves for symptoms of respiratory infection for at least 14 days and, if symptoms occur, to:

  • self-isolate at home;
  • contact their healthcare provider; and
  • immediately notify the facility with details of their visit such as the date of visit, who they were in contact with, and the locations within the facility they visited.

Facilities should the immediately screen the individuals of reported contact and take appropriate actions.

Additional Updated Guidance

CMS added some general additional guidance for infection control, such as:

1. Canceling communal dining and group activities;

2. Implementing active screening of residents and staff for symptoms of respiratory illness;

3. Reminding residents of proper hand hygiene and social distancing;

4. Screening staff for and documenting symptoms of respiratory illness at the beginning of each shift;

5. If staff work at multiple facilities, actively screen and restrict appropriately so illness is not spread between facilities; and

6. Restricting access to the Ombudsman program per the guidelines above, but allowing review on a case-by-case basis.

See CMS Guidance for Infection Control and Prevention of COVID-19 in Nursing Homes (REVISED).

Colorado State Health Department Issues Orders Restricting Visitors in Skilled Nursing, Assisted Living, and Intermediate Care Facilities

On March 12, 2020, The Colorado Department Public Health and Environment (CDPHE) issued emergency orders to prevent further spread of COVID-19. The order requires all Colorado licensed or certified skilled nursing facilities, intermediate care facilities and assisted living residences to implement the following restrictions and requirements regarding visitors to these facilities:

Screening, limiting and restricting visitors

1. Follow the revised CMS guidelines on restricting visitorson restricting visitors, even though the facility (e.g., ALRs) may not be subject to CMS certification. Gordon & Rees has concurrently published a bulletin on these guidelines here.

2. Restrict visitation of non-essential individuals. Facilities should post signage with the essential individual visitor policy. Essential visitors include vendors providing necessary supplies or services and individuals necessary for a resident’s physical and mental health.

3. Before allowing entry, screen all essential individuals before they enter the facility. Facilities should limit the number of essential individuals who enter the building. Facilities are required to document all screenings with this CDPHE form. These forms must be retained indefinitely and must be provided to CDPHE when requested.

4. After entry, facilities should implement limits within the facility. This includes:

  • Using personal protective equipment, including a gown, gloves, and a mask;
  • Limiting movement to the resident’s room;
  • Limiting surfaces touched;
  • Limiting physical contact; and
  • Limiting the number of visitors to only two essential visitors per resident at a time.

Gordon & Rees counsel have confirmed with State authorities that the Order does not give facilities discretion to require some, but not all, essential individuals entering the building to wear PPE. Even though resident interaction may be limited for certain visitors, the Order still requires PPE for all visitors entering the facility. The Colorado Department of Public Health & Environment has indicated that, when PPE is not available, facilities should contact their local/county health departments to determine if there is PPE available for distribution.

Gordon & Rees counsel also recommend requiring outside home health, hospice and or therapy contractors to supply their own PPE when entering the facility.

5. If there is a suspected, presumptive, or confirmed case of COVID-19 the facility must:

a. Contact and notify the county public health agency and CDPHE;

b. Identify and maintain a log of visitors and staff who interacted with the infected individual and their environment; and

c. Restrict visitation to and all group activities within the facility.

Provide alternative means of communication

Facilities must provide residents and family with alternate means of communication, phone calls, Facetime, email, etc., when restricting visitation. A staff member should be assigned as a primary contact for each resident. This person should be the contact point for incoming calls as well as provide regular updates via outbound calls. Facilities should set a phone line recording, updated daily, concerning the facility operation and visitation status.

Revise polices concerning third parties

Facilities should also review their interactions with third parties and revise related policies to ensure the best practices are in place to prevent transmission of COVID-19.

Gordon & Rees counsel are continually monitoring the rapidly evolving nature of State and Federal guidance. We are here to assist with the development of compliant policies, while understanding the continuing need to promote patient care and operational objectives during these difficult times.

See Notice of Public Health Order 20-20.

CDC COCA Issues Update on COVID-19 for Clinicians & Healthcare Facilities

On March 5, 2020, the CDC Clinician Outreach and Communication Activity (COCA), a resource for emergency health professionals, hosted a call updating clinicians on preparing for COVID-19, or coronavirus. Healthcare settings, including skilled nursing and long-term care facilities, are some of the areas of greatest concern. Below is a summary of COCA’s best practices when addressing COVID-19 in a healthcare setting:

1) Identifying persons under investigation

As of yesterday, the criteria for evaluation of persons under investigation was expanded to a wider group of symptomatic patients. Clinicians should look to possible symptoms of COVID-19, such as fever, cough, and difficulty breathing, in determining if the patient should then be tested. Influenza should also be considered during testing and co-infection is possible. Testing of healthcare personnel should be considered if they have been exposed to an individual with a suspected case of COVID-19 or they exhibit even mild symptoms of COVID-19.

2) Applying infection prevention and control measures

While the CDC has learned a lot about COVID-19, there is still a great deal that is unknown. The best way to protect residents, visitors, and staff is to rely on the infection control measures already in place. This includes standard precautions, such as washing hands and disinfecting surfaces. Facilities should also take an aggressive approach to diagnosing individuals showing signs of any respiratory infection and place them in isolation where possible.

3) Assessing risks for exposures

It is currently optional, not mandatory, for facilities to verify absence of fever and respiratory symptoms when healthcare personnel report to work. Risk exposure should focus on source control, use of personal protective equipment (PPE), and the degree of contact with the resident. Healthcare providers are also advised to inform their employers if they have travel or community related exposure.

4) Optimizing the use of personal protective equipment supplies

The CDC anticipates an increased demand for N95 masks. Facilities should optimize the use of these masks by, for example, limiting them to use in symptomatic residents and using expired masks during training. The FDA has also issued an emergency use authorization for the use of certain other masks in healthcare settings. See Letter of Authorization and NIOSH-approved FFRs.

5) Managing and caring for patients (inpatient and at home)

If a resident is either a person under investigation or a confirmed case, provide supplies and a garbage bin outside the door of the resident’s room. Post signage on the door clearly describing the infection control precautions to be taken. A facility may also limit exposure by designating and training certain individuals, or a team, to care for persons under investigation or confirmed cases.

Stay Updated:

Looking for information related to a specific state? Contact the authors for more information.

See also: CDC Issues Update on COVID-19 Response: Precautions in Healthcare Facilities (March 4, 2020)

CDC Issues Update on COVID-19 Response

On March 3, 2020, Nancy Messonnier, MD, Director for the National Center for Immunization and Respiratory Diseases at the Center for Disease Control (“CDC”), held a medical telebriefing on COVID-19, commonly known as coronavirus disease. She reported confirmed cases in 12 states. While the CDC, at a national level, and state health departments, on a local level, are taking steps to contain and reduce the spread of COVID-19, she highlighted the importance of informed clinicians in batting the spread of the virus. Here are some recommended actions to prevent the spread of the virus.

Precautions in Healthcare Facilities:

  1. Review Infection Control Policies with Employees and Visitors
    Strictly adhere to all facility policies concerning minimizing exposure to respiratory pathogens. For example, wearing personal protective equipment, such as masks, gloves and eyewear, utilizing airborne infection isolation rooms when possible, and isolating patients when necessary.
  2. Employee and Visitor Screening and Access
    Strictly adhere to all facility policies concerning monitoring who is entering the facility. Including asking family members about travel, cold symptoms, maintaining an accurate sign-in log, and restricting certain visitors. While public health facilities are required by regulations to accept visitors, there are generally exceptions to this when it comes to the health and safety of patients. Be sure to discuss changes to visitor polices with patients as part of their service and care plans. Facilitate alternatives to in-person visitations, such as phone calls, Facetime, and text messaging. Consider blanket prohibitions on visitors if the facility is located in an area with known cases of COVID-19.
  3. Supply Items for Basic Hygiene
    Ensure there are tissues, hand sanitizer, soap, and respiratory masks for the residents, staff, providers, and visitors throughout the facility.
  4. Educate
    Educate residents, staff, providers, and visitors on the individual actions to reduce spread and impact. Posting signs with these recommendations is encouraged. Provide advance warning that access to the facility may be restricted on short notice.
  5. Stay Informed and Communicate
    It is important for providers to be in close contact with state and local health department to understand the precautions being taken at the local level. This also includes reporting any cases to the local health departments as necessary. Consider reaching out to state and local regulatory agencies to inquire whether they have more specific guidance.

Stay Informed

Candor in Colorado: New Statutory Protections for Communications About Adverse Health Care Incidents

On Monday, July 1, 2019, Colorado’s Candor Act will go into effect, making it one of four states in the U.S. to adopt such a law. The Candor Act establishes a process for keeping communications between a patient and health care provider or health facility privileged following an adverse health care incident. Described as an “Open Discussion,” this process allows health care providers or health facilities to communicate with patients and families about a patient’s physical injury or death, conduct an investigation into a health care incident, and if appropriate, provide an offer of compensation because of the physical injury or death. If the statute’s steps are followed, the communications, investigation, and offer of compensation are privileged, confidential, not subject to discovery or subpoena, and are inadmissible at trial, an arbitration hearing, or certain administrative proceedings.

To achieve this protection, requirements of the statute must be fulfilled. For instance, the health care provider or health facility must notify the patient or her family of the intention to engage in an Open Discussion within 180 days after the provider knew about the incident. The patient must be advised of her rights to receive medical records, to have legal counsel if she chooses during the Open Discussion process, and to be notified of applicable limitation periods, among other requirements. If the patient agrees to participate in the Open Discussion, she must provide her agreement in writing.

As a condition of an offer of compensation, the provider or facility may require the patient to execute a release to resolve the health care incident. If the process is initiated properly by the provider, upon successful resolution and receipt of compensation, the event is not likely considered subject to certain reporting required by the Colorado Medical Board, Colorado Board of Nursing, other Colorado licensing boards, or the National Practitioner Data Bank. The law specifies that “candor compensation” is not considered a payment resulting from a written claim or demand for payment, a claim for purposes of reporting to a licensing board or insurance commissioner, or a payment resulting from a settlement, final judgment, administrative action or arbitration award.

Providers and facilities should be cautioned that the protections of the statute do not include certain materials not prepared specifically for an Open Discussion. When proceeding under this process, consult your legal counsel with expertise in the subject in order to ensure compliance with the nuances in the law and be advised of other risks. Providers and facilities should require all involved parties to sign documents as a condition of any compensation paid.

Three Key Requirements Imposed by Colorado’s New Consumer Data Privacy Statute

Be careful what you ask for (and maintain) about Colorado residents…especially if you don’t have the proper data security policies in place. On September 1, 2018, Colorado’s new privacy law, HB 18-1128, will go into effect, imposing new requirements on any business or government entity that maintains, owns, or licenses personal identifying information about Colorado residents.

The new law imposes three key requirements on businesses subject to the rule:

  1. Reasonable security procedures and practices must be implemented that are proportionate to the nature of the personal identifying information maintained and the nature and size of the business’s operations.
  2. Written policies for the destruction and proper disposal of paper and electronic documents containing personal identifying information must be developed.
  3. Breach notification procedures must be followed, including adhering to a 30-day time period by which notification must be completed.

Personal information is defined broadly under the new law to include a resident’s first name or first initial and last name (e.g., Jane Doe or J. Doe), in combination with one of the following: medical information; health insurance identification number; biometric data; social security number; student, military, or passport identification number; driver’s license number or identification card. Personal information also includes—even when not tied to a resident’s name—a resident’s username or email address with a password or a security question and answer that permits access to an online account, or an account number or credit/debit card number in combination with a security code, access code or password that permits access to an online account.

Business that do not already have written data disposal and security policies should act quickly to ensure that they are compliant with the nuances of the new law. Additionally, businesses need to operationalize procedures designed to ensure that employees and third-party service providers are adhering to privacy policies, since mere “paper compliance” falls short of protecting from the risk and exposure attendant to a breach.

Colorado’s breach notification requirement imposes a more aggressive requirement for notifying affected residents than requirements under the Health Insurance Portability and Accountability Act (HIPAA) and virtually any other U.S. state. A business must provide written notification with certain information to affected residents in the most expedient time possible and without unreasonable delay, but not later than 30 days after the point in time when there is sufficient evidence to conclude that a security breach has occurred. For breaches believed to have affected 500 residents or more or 1000 residents or more, businesses must notify the Colorado Attorney General and certain consumer reporting agencies, respectively.

Reflective of the shift towards providing consumers with more control over their personal information, the bill is codified under the Colorado Consumer Protection Act (CCPA), C.R.S. §6-1-713, et seq., and potentially creates a private right of recourse against businesses who misuse a resident’s information. CCPA causes of action oftentimes include assertion of a right to treble (or triple) damages and reasonable attorneys’ fees. Additionally, the Colorado Attorney General may bring civil, or in some cases criminal, actions for violation of the law.

The frequently unforgiving nature of civil monetary penalties imposed by the HHS Office of Civil Rights (OCR) for HIPAA violations should be cautionary. But, not only is there great risk of exposure for unprepared or noncompliant businesses facing enforcement by state and federal regulatory agencies, now more than ever, individual or class action liability seems to be on the horizon. Last, but not least, businesses never envision themselves as “the ones” making headlines about their data breaches…until it happens…and happens quickly.

What if I already comply with other state or federal privacy laws?

The new law indicates that businesses already regulated by other state or federal law are in compliance if adhering to such regulator’s procedures for the protection and disposal of personal identifying information. If the business operates in interstate, international and/or online commerce involving Colorado residents, however, a thorough review of policies and procedures is recommended to ensure that the mandates of the various applicable laws are reconciled against each other. For example, Colorado’s breach notification provision indicates that the time period for notice to affected individuals with the shortest timeframe will control. Healthcare entities which are typically subject to a HIPAA’s 60-day notification requirement need to implement measures to comply with the shortened period under Colorado law.

Recommendations:

Businesses subject to the privacy law should take the following steps, at a minimum, to ensure that they are prepared to comply.

  1. A thorough risk analysis of the type of data maintained should be completed. Entities should know and map the flow of data both internally and outside of their business, whether in paper or electronic format. Inventories of hardware and other electronic portable devices where electronic media is stored should be routinely tracked.  Physical security controls should be identified and regularly reinforced.
  2. Employees must be routinely trained in data privacy and security policies and procedures. Handbooks should be updated and it is a good idea to asses whether to require nondisclosure and confidentiality agreements. Appropriate protocols for the destruction and disposal of personal identifying information must be implemented for all employees accessing the sensitive information, especially for departing employees.
  3. Third-party service vendors should be identified and communicated with regularly to obtain reasonable assurances of compliance with the new law. Contractual documents should reflect vendors’ obligation to adhere to data maintenance, destruction and breach notification policies so that a coordinated and rapid response to a security incident is set in motion.
  4. Businesses, including HIPAA covered entities, should rework their data breach policies and ensure that third-party vendor agreements or business associate agreements reflect Colorado’s more stringent breach notification measures.

Conclusion:

The U.S. Department of Health and Human Services (HHS) recently announced that it is seeking comments regarding potential changes in HIPAA and 42 CFR Part 2,1 with the indication that action to reform the rules will be taken to ease the regulatory burden on the healthcare sector and coordinate better care at a lower cost. These efforts, however, must be juxtaposed with HHS’s continued aggressive enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules2 and many States’ efforts to enact their own heightened data security and breach laws.3

There is no uniform mechanism for determining how best to implement the necessary measures. Legal counsel specializing in data privacy and security law are instrumental resources when ensuring that adequate measures are taken to navigate compliance with state and federal laws, especially in today’s rapidly changing environment.
___________________________________________________________________

1 42 CFR Part 2 is a federal privacy law governing the confidentiality for individuals seeking treatment for substance use disorders from federally assisted programs.
2 Of note is a recent ruling by a HHS Administrative Law Judge upholding $4.3 million in civil monetary penalties after The University of Texas MD Anderson Cancer Center reported three separate data breaches involving an unencrypted laptop and USB drives.
3 The California legislature’s recent passage of a sweeping consumer privacy law is just one such example.

Will Massachusetts be able to negotiate Medicaid prescription drug prices?

In the absence of new federal policies to tame high price drugs, Massachusetts’ state Medicaid program is fighting for the power to negotiate discounts for the drugs it purchases and to exclude drugs with limited treatment value.

If the Department of Health and Human Services approves the State’s plan, others will likely take similar action. According to the most recent federal data, Medicaid spending on prescription drugs increased about 25 percent in 2014 and nearly 14 percent in 2015.

Currently, state Medicaid programs are required to cover almost all drugs that have received Food and Drug Administration approval, including multiple drugs from different manufacturers used for the same purpose and in the same category. In exchange, manufacturers must discount those drugs. The discount is typically based on a set percentage of the list price, specified by federal law. However, as drug prices soar, states say those fractional discounts no longer suffice to defray the burden of rising costs.

One example presents itself through the hepatitis C cures released in recent years whereby prices come in tens or hundreds of thousands of dollars and have cost Medicaid billions. In turn, some states tried to restrict access so that only the sickest patients could get the drugs. Advocates filed suit in response and won based on the argument that such limits violated Medicaid’s statutory drug benefit.

In response, Massachusetts is requesting a federal exemption known as a Section 1115 waiver, which allows states to test ways of improving Medicaid. In short, it wants to pick which drugs it covers based on most beneficiaries’ medical needs and which medicines demonstrate the highest rates of cost effectiveness. The desired result is that it will be able to negotiate better prices, which in turn will lead to saving public dollars while still maintaining patients’ access to needed therapies.

Critics worry this change could make it harder for low-income people to get needed medications, without necessarily providing them an alternative. Further, the Pharmaceutical Research and Manufacturers of America (PhRMA), the drug industry’s trade group, has already noted its displeasure with this plan, saying that Massachusetts’ plan would limit consumer access and is ultimately unnecessary on top of the rebates Medicaid programs receive. If the Department of Health and Human Services approves the plan, it is likely that the industry would sue.

However, states are becoming desperate to find a way reduce the exorbitant costs of prescription drugs any way they can. If Massachusetts plan is approved, it is likely that there will be many other states that will be interested in following this lead.

The Five W’s of Intellectual Property Assets in Health Care Business Transactions

Introduction

Intellectual Property (“IP”) assets are important in several types of business transactions, including healthcare business transactions. This article provides an overview of how one can best protect, transfer, and preserve IP rights pursuant to such a transaction.

Who has Healthcare IP?

Healthcare IP is a broad area. Among other things, it includes the IP of large institutions such as university medical centers conducting clinical trials, and pharmaceutical and biotechnology companies conducting drug research. It also includes the IP of smaller entities, such as physician practices making discoveries or creating new clinical devices or developing novel procedures and techniques.

What is Healthcare IP?

Healthcare IP can come in the form of patents, trademarks, copyrights, and even trade secrets. A research medical school may possess a process or method patent on a new procedure, while a pharmaceutical company may possess a product or formulation patent on a new drug. Hospitals, large ambulatory surgery centers, and even many solo physician practices may have registered trademarks on their logos, marks, and advertising. Healthcare providers and entities also may have copyright protections on their publications, protocols, and policies and procedures. Some jurisdictions have also extended IP rights to items such as patient lists under the umbrella of trade secrets. Other assets that share similarities with healthcare IP include “doing business as” (“DBA”) or assumed name filings, web domains, and even business insider knowledge and relationships.

When do you start the process of evaluating Healthcare IP?

When engaging a target healthcare company for merger or acquisition, healthcare IP should be a topic in early business negotiations and be an item in the first due diligence checklist submitted to the seller. From the buyer’s perspective, it is important to have an early handle on what IP is involved in a transaction so that the proper steps are taken to make sure it is adequately preserved and protected in the transaction. From the seller’s perspective, it is important to disclose IP and the actual rights to it so that it is clear what the buyer is buying, and also that the seller indeed possesses the rights to it in order to sell. If the buyer utilizes IP in good faith that the seller in fact did not possess, the seller could ultimately be liable via indemnification if this was not properly disclosed.

Where do you describe and list Healthcare IP?

Healthcare IP should be listed in a comprehensive and straightforward manner in the disclosure schedules to the purchase agreement. Care should also be taken to describe the IP fully and properly in any necessary assignment agreements, registration updates, and in any other required places.

Why is Healthcare IP important?

Healthcare IP is important for numerous reasons. For several entities, such as universities or pharmaceutical companies, it can represent millions, if not billions, of dollars in investment and research and development. For other smaller entities, in the instance of a trade secret, it may not necessarily represent the same kind of capital investment but it may very well still be critical to the survival of that business. Regardless of scale, it is important to maintain and also to transfer IP properly. If not secured properly, IP may be lost. For example, if a buyer does not know about acquired IP, it will not know to file regular maintenance fees and could risk cancellation of the IP. Conversely, if a buyer thinks it owns IP that it actually does not, it may end up violating another entity’s IP rights through use without knowing it. A cease and desist letter accompanied by a demand for unpaid royalties may quickly follow.

How do you secure Healthcare IP?

The best way to secure healthcare IP is to first identify the IP. As mentioned above, care should be taken to comprehensively list IP in an asset purchase agreement. In the case of a stock purchase, it is critical to ensure that the corporate entity selling its stock actually is the invention owner or assignee of record, etc., that possesses the right to transfer the IP. Then, proper steps should be taken to commemorate and transfer the IP through the deal documents and any necessary assignment agreements. Concurrently, proper notices and updates should be made to the various relevant governmental entities such as the U.S. Patent and Trademark Office, the U.S. Copyright Office, and state-level agencies such as the secretaries of state, and trademark offices, as required.

Conclusion

Healthcare IP is an important piece of healthcare transactions. For some businesses, it may represent the raison d’être for the business; for example, a big pharma spinoff whose one product is a therapeutic HIV drug. For other companies, healthcare IP could be less mission-critical. In both circumstances, however, IP is likely a valuable component of a company’s assets and should therefore be given due thought and consideration in a transaction.

About the Author

Justin Puleo is an associate attorney in the Raleigh office of Gordon Rees Scully Mansukhani, and a member of the firm’s Intellectual Property and Healthcare practice groups. He has an interdisciplinary background, which he has leveraged into a full and diverse practice. He is an experienced healthcare transactional attorney and a member of the patent bar who appreciates finding creative and regulatory compliant solutions to business concerns and initiatives. He can be reached at (984) 242-1790 or jpuleo@grsm.com.