Disclaimer
This publication is designed to provide general information on pertinent legal topics. The statements made are provided for educational purposes only. They do not constitute legal or financial advice nor do they necessarily reflect the views of Holland & Hart LLP or any of its attorneys other than the author. This publication is not intended to create an attorney-client relationship between you and Holland & Hart LLP. Substantive changes in the law subsequent to the date of this publication might affect the analysis or commentary. Similarly, the analysis may differ depending on the jurisdiction or circumstances. If you have specific questions as to the application of the law to your activities, you should seek the advice of your legal counsel.
Privacy Policy
View our privacy policy.
Revamp of The No Surprises Act Federal Independent Dispute Resolution Process
/in Compliance, Healthcare Law, No Surprise Billing, Reimbursement & CollectionsBy Jake Walker
One of the most scrutinized aspects of the No Surprises Act has been the Federal Independent Dispute Resolution (“IDR”) process. According to data published by The Centers for Medicare and Medicaid Services (“CMS”), the number of disputes initiated between April 15, 2022, and May 31, 2026, was 6,336,0321. Of those disputes, 1,066,645 were found to be ineligible and 208,020 were closed due to other events (e.g., withdrawn by disputing parties, outside settlement, administrative closures)2. The total volume of disputes far exceeded initial projections by the relevant agencies, creating significant backlogs in the Federal IDR process.
As a result, the U.S. Department of Health and Human Services (“HHS”) (along with the Department of Labor and Department of the Treasury) (collectively, the “Departments”) published a final rule on June 4, 2026, addressing particular aspects of the Federal IDR process including issues with timely rendering of payment determinations, enhancing information sharing between relevant actors, and introducing clearer timeframes for certain steps in the Federal IDR process (the “Final Rule”)3. The Final Rule is effective August 3, 2026, with staggered applicability dates for specific provisions (as shown in the table provided below). The Final Rule represents the most comprehensive revision to the Federal IDR process since its establishment.
Read more
HIPAA and Deceased Persons
/in HIPAABy Kim Stanger
The HIPAA privacy and security rules generally apply to protected health information of deceased persons as well as the living. Providers may generally use or disclose such information concerning deceased persons as follows:
1. Treatment, Payment, or Operations. As with living persons, HIPAA allows providers to use or disclose protected health information of deceased persons for purposes of treatment, payment, or the provider’s healthcare operations, unless the provider has agreed otherwise. (See 45 CFR §§164.506 and 164.522(a)). This may include treatment of other living relatives. As the Office for Civil Rights (OCR) explained, “disclosures of protected health information for treatment purposes—even the treatment of another individual—do not require an authorization; thus, a covered entity may disclose a decedent’s protected health information, without authorization, to the health care provider who is treating the surviving relative.” (OCR FAQ, available at https://www.hhs.gov/hipaa/for-professionals/faq/222/how-can-i-obtain-a-deceased-relative-medical-record/index.html). Read more
Nevada Pauses Medicaid Enrollments for DMEPOS Providers
/in Provider NetworksBy J. Malcolm (Jay) DeVoy
On April 16, 2026, the Nevada Health Authority (NHA) announced a temporary, statewide moratorium on enrolling new Durable Medical Equipment, Prosthetics, Orthotics, and Suppliers (DMEPOS) providers in Nevada’s Medicaid program (Medicaid). While the NHA’s notice does not expressly address revalidation of previously enrolled DMEPOS providers, it describes the moratorium applying only to “the enrollment of new [DMEPOS] providers,” without effect on those currently enrolled in the program.
Providers of DMEPOS distribute a wide range of medical equipment, ranging from FDA-approved medical devices such as skin grafts used in wound care, pacemakers, and metal implants used in treating bone injuries, to CPAP machines used to treat sleep apnea and common mobility aids such as walkers and wheelchairs. To obtain payment for providing these products to patients, DMEPOS providers may be enrolled in Medicare and state Medicaid programs. The moratorium effectively means DMEPOS providers not already enrolled in Nevada’s Medicaid program will not receive payment for these products. Read more
Changes to Idaho’s Minor Consent Law
/in Idaho Healthcare LawBy Kim Stanger
Idaho has amended its restrictive minor consent law effective March 31, 2026.1 A redline showing the changes is available at https://legislature.idaho.gov/wp-content/uploads/sessioninfo/2026/legislation/H0860E1.pdf. The amendments address many of the concerns raised by the original act, but problems and questions concerning its application remain. Read more
Update Business Associate Agreements to Comply with New Substance Use Disorder Record Rules
/in HIPAABy Kim Stanger
As of February 16, 2026, the new rules governing the confidentiality of substance use disorder (SUD) records will be enforced. If they have not done so, federally assisted SUD programs (Part 2 Programs) who are covered entities under HIPAA will need to update their business associate agreements (BAAs) to ensure compliance with the new rules.
SUD Confidentiality Obligations. The new Part 2 rules generally prohibit Part 2 Programs from disclosing SUD information without the patient’s written consent. However, the rules contain an exception that allows Part 2 Programs to disclose SUD information to a qualified service organization (QSO) without the patient’s consent so long as the Part 2 Program has an agreement with the QSO that requires the QSO to comply with Part 2. Read more