Schedule

Kathleen Healy, Robinson & Cole
Robert Martin, Senior Legal Counsel, Mass General Brigham Incorporated

• Suggested steps to enable a health care compliance program to assess and monitor the use of AI in the enterprise
• Legal issues and ethical considerations raised by AI (e.g., informed consent, privacy and security including FTC and HIPAA breach rules, FDA approval, bias and discrimination, fraud and abuse)
• Practical considerations (e.g. governance and internal processes and controls)
• Legal trends to monitor
• Emerging laws and regulations

Tony Maida, McDermott Will Emery
Matthew Schwartz, Director, Financial Crime, Fraud & Investigative Services, Guidehouse
Kirk Sripinyo, Deputy Branch Chief, Affirmative Litigation Branch, Office of the Inspector General, US Department of Health and Human Services

• The ways in which AI may impact fraud and abuse risks, both in potentially creating new risks as well as potentially mitigating risks or enabling new defenses in False Claims Act actions
• The government has begun investigations into companies that create AI and use AI in their operations, including Medicare billing, and whether offering AI to referral sources creates Anti-Kickback Statute or Physician Self-Referral Law issues
• Health care and life sciences organizations exploring how to adopt AI should be mindful of the fraud and abuse implications of using this technology and how to adapt its compliance program to address those new risks
• Review recent enforcement actions and share practical insight from advising clients on AI adoption and fraud and abuse compliance
• This is labeled as "advanced" because the presentation will assume a certain level of knowledge of the underlying statutes, such as FCA, AKS, PSRL, and Medicare reimbursement principles

Elizabeth Hsieh Lee, Chief Privacy Officer, UCLA
Hillary Noll Kalay, Senior Principal Counsel, University of California Office of the President
Rachelle Sico, Associate Product Counsel, Google

This session will discuss the key considerations on negotiating terms relating to data sharing, primary use, and secondary uses of data. Presenters will discuss issues relating to:

• Privacy, security and data governance
• Data flow from health care provider, to AI vendor, and back, and the variations of data
• Downstream AI uses of data
• Industry benchmarking
• Marketing and optics

Stephen D. Bittinger, Polsinelli PC
Maggie DiConstanzo, Offit Kurman
Jonathan M. Joseph, Christian & Barton

• The current tools, tasks, and disputes of in the use of AI in managed care
• Efforts by federal and state governments to regulate the use of AI in managed care
• The contracting strategies for the  use of AI in managed care
• Key issues to address with AI vendors using plans’ data
• Key issues being litigated against managed care plans for use of AI
• The vital legal issues that courts must determine on how AI will be valued as evidence

David Peloquin, Ropes & Gray, LLP
Gregory Stein, Senior Counsel, IT & IP, Cleveland Clinic
Allison Trimble, Associate General Counsel, BJC Health System

Much of health care’s promise to improve medical care through innovation relies on the reuse and sharing of health data for research purposes across organizations located around the globe. The growth of artificial intelligence (AI) has only increased the need for such data sharing, as large data sources are required to train AI models. 

Sharing health data for AI development both domestically and across international borders is complex, potentially implicating data protection requirements from many jurisdictions. Understanding data protection laws and their requirements for secondary use and cross-border transfer of data is essential to facilitate AI development. At the same time, the growth of privacy enhancing techniques, such as the use of anonymization and synthetic data, can facilitate compliance with these legal requirements, thus accelerating testing and validation of artificial intelligence and other innovations that are designed to improve patient care. This session’s panel of speakers will address strategies for facilitating the use of health data in connection with the use and development of AI while complying with global privacy laws. Topics covered will include:

• Establishing appropriate bases under HIPAA and other privacy laws for processing health data for AI training
• Use of privacy protecting techniques, including anonymization, pseudonymization, and tokenization
• Strategies for facilitating international transfers of health data for AI training

Julie Barnes, CEO, Maverick Health Policy

• In 2025, federal agencies will be determining whether to adopt a risk-based regulatory framework for AI-enabled tools in health care
• Creating a risk-based framework for health AI regulation is difficult because a “low-risk” application could disproportionately impact populations, making it “high-impact”
  • The FDA currently takes a risk-based approach to medical devices. A new guidance document asks marketing submissions of device software to include a risk management file that includes a risk assessment
  • ASTP/ONC is proceeding to regulate electronic health records use of AI without a risk-based approach, focusing more on transparency and explainability
  • The HHS AI Strategic Plan released in January 2025 explains its intended approach for oversight of research, drugs and devices, health care delivery, and public health
• Some states are taking a risk-based approach with their AI consumer protection bills but generally view all healthcare applications as high-risk consequential decisions
• Uncertainty about the new administration’s direction in this arena and lack of coordination among federal, state, and global regulating entities will create work for lawyers that serve health care and technology companies

Mark Sendak, Population Health & Data Science Lead, Duke Institute for Health Innovation (DIHI)
Alya Sulaiman, Chief Compliance and Privacy Officer, Senior Vice President of Regulatory Affairs, Datavant
Sam Tyner-Monroe, DLA Piper US LLP

• Session description to follow

Alisa Chestler, Baker Donelson
Jumi Kassim, Global IT & Digital Enablement Counsel, Boston Scientific
Gregg Killoren, General Counsel, XSOLIS
Eric Setterlund, Bradley Arant Boult Cummings LLP

In this session we will discuss contracting approaches to unique issues raised by engaging Artificial Intelligence so that both the vendor and end-user are able to mitigate risk and maximize the benefits of the technology. At the conclusion of this program, you will have a better understanding of the following:

• Pre-negotiation strategies to set the stage for a successful negotiation
• Navigating AI governance committee requests
• The implications of AI on IP and data use rights and how to navigate and negotiate these issues
• Handling third-party terms (including discussion on click-through terms and related considerations)
• Strategies to manage and allocate risk

Vic Domen, DLA Piper US LLP
Joe Knight, FTI Consulting

• AI changing the way we approach the delivery of health care
• But is AI determining who receives care, medicines and at what price?
• Are health care decisions now based on competitor’s pricing or the most profitable computer models?
• What do Federal and State enforcers think?
• This panel will discuss all these issues with the overriding question–Is AI now determining winners and losers?

Clark Daniel, HeartFlow
Victoria Wallace, Hogan Lovells US LLP

• Background on Medicare benefit categories under the Social Security Act (SSA)
• The benefit categories that have applied to AI-based items and services under Medicare to date
• How the Centers for Medicare & Medicaid Services (CMS) has reimbursed for AI-based items and services
• Successes and challenges with obtaining payment for AI services when the concept of AI doesn’t fit neatly within the categories of the SSA
• The perspective of a company that has successfully obtained coverage and payment for its AI-based service, challenges along the way, and what challenges there might be on the horizon