See more

U.S. healthcare law: Compliance & considerations for startups & international incumbents

The field of healthcare is a highly complex, and oftentimes bureaucratic one. Now, in the midst of a global pandemic, the U.S. healthcare system is overloaded. Despite that reality, international healthcare and life science companies continue to be interested in doing business in the U.S.  Innovative healthcare companies continue to enter the space with the best of intentions, but to say there is a learning curve would be an understatement.

Rules and regulations are intended to protect and achieve the best possible outcomes for all involved, and must be upheld.  Regulatory failures can doom and bankrupt even well-intended new ventures in the United States. And our legal structure for healthcare is a lattice: federal, state and local laws overlap, and are supplemented by accreditation authorities and rules/contracts from commercial insurers (“payors”).  When it comes to learning about and complying with U.S. healthcare law, the work for healthcare organizations — no matter their size, stage, or origin — is never done.

healthcare team

Let’s take a high-level look at current U.S. regulations and laws, by breaking them up into the following categories:

  • Licensing: Meant to ensure everyone working in the healthcare sector has the proper licensing and training to abide by general requirements and deal with any issues that arise, as it relates to them performing their jobs.  Most licensing is handled at the state level, and they often differ wildly among the 50 U.S. states. 
  • Privacy: The Federal “HIPAA” regulations covers the privacy and security of protected health information (PHI). Compliance involves developing, implementing, and regularly updating policies and procedures to protect PHI. Additionally, security rules govern electronic storage and transfer of PHI.  Again, there are similar laws on the state level, with states like California designing privacy rules with complexity and reach to rival the EU’s GDPR.
  • Peer review and quality assurance: Checks and balances meant to ensure quality and safety, regarding everything from care delivery to drug development.
  • Health insurance: In order to make the cost of healthcare affordable, most people invest in either third-party private insurance, or government-funded Medicare or Medicaid.
  • FDA Compliance: Assuring your products are safe and lawfully marketed; getting started very early on this process is essential to a successful U.S. launch.
healthcare business

Depending on your organization’s product or service, you will need to meet a host of regulatory conditions in order to operate safely and successfully in the U.S. We recommend the following tips to do so successfully:

  • Anticipate the costs: Allocate sufficient resources — in terms of money and man power — to do things the right way, the first time around.
  • Do your homework: No matter what ancillary support is employed, organizational leadership is responsible for researching all of the rules and regulations that will be implemented before putting them into play. All the way down to the state level. A leader’s understanding of the what’s and why’s will support their ability to mobilize.
  • Embrace the known and explore the unknown: Foster a culture that values transparency, communication, and compliance. And be ready for anything that might come your way.
  • Trust the experts: Knowing what you don’t know is just as important as knowing what you do. Seek the services of a good attorney with experience in your specific sector, and/or a clinician with regulatory expertise. Professional legal help can come at a premium, but many firms offer creative payment structures and fee deferrals to ensure clients’ access isn’t cost-prohibitive.

For new entrants — be they U.S.-based startups or international incumbents — you can never begin too early to get a lay of the land. An adequate understanding of all the rules and regulations that will apply to your venture is key to ensuring your product or service upholds the highest standards of quality, safety, and accessibility. One of the best, most informal ways is to connect with other professionals in the field. This could be complimentary organizations and strategic partners, or on the flip side, prospective customers of your product or service. Seek this expertise early and often. It takes time and money, but is far better to approach proactively than attempt to clean up after the fact.

And companies like Inlightened make seeking and securing those insights seamless.

Larry Vernaglia

Lawrence Vernaglia is a seasoned authority in healthcare law. He practices and serves as a partner at Foley & Lardner LLP, where he chairs the firm’s Industry Teams Department and manages overarching strategy and leadership. Widely published and respected for his expertise, Lawrence is a lecturer at Boston University School of Law and is regularly asked to speak about accountable care organizations, physician/hospital joint ventures, policies for the uninsured, corporate governance for nonprofits, compliance, HIPAA, reimbursements, and managed care. He is also a member of CommonAngels Ventures. Lawrence is a graduate of the New College of Florida and earned his JD and MPH from Boston University.