Author: Emilee Daniel

Creative Section 1115 Programs Address Heat-Related Hospitalization Costs and Other Social Determinants of Health

By Emilee Daniel

Extreme heat is leading to a health crisis in the United States. According to the Centers for Disease Control, 658 people die due to extreme heat every year on average. The number of people impacted by heat-related illnesses, like heat exhaustion and stroke, is even higher. American healthcare costs for heat-related and heat-adjacent illnesses are estimated to hit $1 billion per summer. Further, heat-related hospitalization costs are higher for Medicaid and Medicare recipients.

            States are getting creative to combat heat-related illnesses and hospitalization costs, especially for Medicaid recipients. For example, Oregon will begin offering free climate devices, like air conditioners and refrigeration units, to qualifying individuals starting January 1st, 2024. Five states and American Samoa offer cooling assistance through the Low Income Home Energy Assistance Program, but Oregon’s program has a different statutory basis.

            Oregon’s program will be administered through the Oregon Health Plan (OHP), the state’s Medicaid and Children’s Health Insurance Program (CHIP) embodiments. Medicaid was established in 1965 as an amendment to the Social Security Act. Section 1115 of the Social Security Act allows states to propose “any experimental, pilot, or demonstration project … to promote the objectives” of Medicaid, so long as the project “would result in an impact on eligibility, enrollment, benefits, cost-sharing, or financing” of the state’s Medicaid program.

            On January 7th, 2021, CMS released  guidance for State Health Officials exemplifying the breadth of possible programs under Section 1115. The guidance listed categories of support that may address social determinants of health such as: housing-relating services and supports, non-medical transportation, home-delivered meals, educational and employment services, and community integration initiatives. In accordance with Section 1115, these program’s goals are to “lower health care costs, improve health outcomes, and increase the cost-effectiveness of health care services and interventions for Medicaid and CHIP beneficiaries.

Guidance published by CMS on January 4th, 2023 elaborated on the power of Section 1115. This guidance detailed how to propose services that would stand in lieu of a traditional healthcare facility, like a hospital. The goals of these programs are to “offset potential future acute and institutional care and improve quality, health outcomes, and enrollee experience.”

As of November 2nd, 2022, Oregon was one of twenty-two states that had submitted proposals for or been approved to implement a program under Section 1115to address social determinants of health. One program in North Carolina delivers fresh produce to Medicaid recipients in hopes to fend off diabetes and other nutrition-related diseases. In West Virginia, a program expands access to substance use disorder treatments, housing while in recovery, and peer support services for Medicaid recipients. Arizona used Section 1115 to integrate health plans, manage long-term health plans, and expand dental coverage to Medicaid recipients, as well as those in its Urban Indian health program.

Although approaches to Section 1115 and Medicaid eligibility differed greatly between the Trump and Biden Administrations, states like Oregon continue to propose, implement, and oversee inventive projects to bolster the Medicaid system. Hopefully, Section 1115 will give rise to data-backed programs that Congress and CMS can implement on a national level.

Can East Palestine, OH Seek Derailment Relief Through a Medical Monitoring Program?

On February 3rd, 2023, a Norfolk Southern train derailed in East Palestine, Ohio. The village rests on the Ohio-Pennsylvania border. Investigators believe that a broken axle caused approximately fifty of the 100 car train to derail. Five derailed cars carried vinyl chloride. Over the following days, the vinyl chloride was released from the cars in a controlled burn, unleashing hydrogen chloride and phosgene gases into the air. Although residents were originally evacuated, they were soon permitted to return only a few days later.

The Environmental Protection Agency classifies vinyl chloride (VC), a chemical commonly used to manufacture PVC piping, as a Known Human Carcinogen. The chemical’s Category A classification is based on human occupational studies and animal testing. The tests and studies show that VC is hazardous if inhaled or absorbed orally or dermally. Nearly all cases of liver angiosarcomas have been linked to occupational exposure to VC. Furthermore, VC has been linked to liver, brain, lung, and lymphopoietic system cancers. Highly concentrated exposures can also cause headaches, drowsiness, and dizziness.

As of February 15th, the Ohio Environmental Protection Agency was testing the wells that supply drinking water to the area and maintained that they were not contaminated. However, residents of the area have reported headaches, sudden death of domesticated pets, and lifeless fish in nearby streams.

Undoubtedly, this disaster has major health and environmental implications, but developments in American tort law may burden Ohioans who seek relief. As of February 10th, four lawsuits had been filed, three in the United States District Court for the Northern District of Ohio and one in the Court of Common Pleas Columbiana County, Ohio. Two of the federal suits include a count of strict liability, alleging that transporting a known carcinogen is an ultrahazardous activity. The state suit partially relies on res ipsa loquitur. Res ipsa loquitur is a torts doctrine that allows plaintiffs to argue for liability based on the assumption that without the defendant’s negligence the event that occurred would not have ordinarily happened. 

All four suits have two things in common: they are petitioning for class action status and seek for Norfolk Southern to fund a medical monitoring program (MMP) for individuals within a certain radius of the detrainment and controlled burn. MMPs provide ongoing medical screening and care to populations who are not currently injured but will likely develop health issues caused by a negligent act. American tort law’s view of MMPs is being cautiously evaluated. MMPs would provide relief to those exposed to hazards that may take years to medically manifest but would impose liability without presence of a current physical injury, violating a tenant of tort law. The Supreme Court has previously rejected a MMP to relieve railroad workers exposed to asbestos because it was concerned about overextending liability. The American Legal Institute (ALI) is considering the topic while drafting its Restatement (Third) of Torts: Concluding Provisions.

As of October 2020, eleven states legally recognized MMPs. Pennsylvania and West Virginia not only allow MMPs but recognize them as a cause of action. These two states border Ohio and also sit within the Appalachian Mountains. Although MMPs present relatively novel considerations in American tort law, such a program may be the most just course of action when a railroad company experienced in derailments exposes an entire town to a known carcinogen due to a broken train axle.

Accountability for Privacy Violations in Mobile Health Apps: Flo Health and the Health Breach Notification Rule

Digital privacy concerns were raised once again following the overturn of Roe v. Wade in June 2022. These concerns were exacerbated when messages sent via Facebook Messenger discussing a medication-induced abortion were the basis for further search warrants that were used to prosecute a mother and daughter in Nebraska. As exemplified in the Nebraska case, tech companies must comply with search warrants issued by courts, sewing privacy concerns particularly in period tracking app users. Following the overturn of Roe v. Wade, menstruating people were encouraged to delete period tracking apps all together, but data experts warned that deleting the apps alone may not protect users.

Privacy concerns are not new to period tracking apps. Flo Health is a period tracking app, used by more than 100 million users, with a history of privacy concerns. From 2016 to 2019, Flo Health promised users to keep their health data private yet released identifiable health information to third party applications, including Facebook’s analytics division. In 2020, the Federal Trade Commission (FTC) filed a complaint against Flo Health alleging that the app had misled users about how their health information was stored and used. Flo had been sharing user data with third party firms under app event names such as “R_Pregancy_Week_Chosen,” explicitly communicating their health information. Flo Health reached a settlement with the FTC in 2021. Flo Health is just one example of how mobile apps struggle with privacy compliance.

While the Health Insurance Portability and Accountability Act (“HIPAA”) applies to many institutions who store personal health records, its application to mobile health apps, such as Flo Health, can be complicated.  The FTC has released an interactive tool for mobile health app developers to determine if certain regulations apply to their app. One such regulation is the Health Breach Notification Rule (“HBN”). The HBN was enacted in 2009, but, as of 2021, the FTC has never brought  an action to enforce it.  The HBN was enacted to ensure accountability when entities not covered by HIPAA compromise consumers’ sensitive health information.  The regulation requires subjected entities to inform users and the FTC of any breach of security of unsecured personal health records. A breach of security is considered any acquisition of identifiable health records that is not authorized by the consumer.

While the FTC did not charge Flo Health with a violation of HBN, two Commissioners released a joint statement arguing that its application was warranted in the case. Commissioners Rohit Chopra and Rebecca Kelly Slaughter argue that Flo Health shared user data with Facebook and other entitles, without obtaining the user’s authorization to do so. The Commissioners seek enforcement of the HBN as a way to, “induce firms to take greater care in collecting and monetizing our most sensitive information.” The FTC has also published further guidance for mobile health app developers that store sensitive health information. The guidance includes minimizing data collected, storing it in a de-identified form, and limiting operating systems’ access to the data.

Despite this guidance, Flo Health, and apps like it, still store detailed, identifiable information about their users, including personal notes left by the user. However some progress has been made as Flo Health released an “anonymous mode” after the overturn of Roe v. Wade in June, allowing users remove their name, email address, and technical identifiers. However, a user’s privacy and control over their health information should not be an afterthought only brought about by changes in case law, especially when regulations already exist to hold entities accountable for releasing sensitive information without the user’s authorization.