Health Law Advisor

On June 11, 2025, Assistant Attorney General Brett A. Shumate issued an internal memorandum (the “Shumate memo”) to all Civil Division employees of the U.S. Department of Justice (“DOJ”), describing the Division’s enforcement priorities.

The four-page Shumate memo promises an aggressive investigation and use of the federal False Claims Act (“FCA”) against “entities that receive federal funds but knowingly violate civil rights laws.” The Shumate memo follows the announcement on May 19, 2025, of a new Civil Rights Fraud Initiative (the “May 19 announcement”), which shares similar aims. The May 19 announcement cited, in particular, universities and federal contractors engaging in discriminatory conduct (see our related blog posts here and here).

As we wrote in February, Executive Order 14173 of January 21, 2025, entitled “Ending Illegal Discrimination and Restoring Merit-Based Opportunity” (“EO 14173”) indicated that the Trump administration was eyeing the FCA as an anti-discrimination tool, though the statute has not traditionally been used as such. The Shumate memo prioritizes FCA investigations and enforcement actions against those who receive federal funds but knowingly violate federal civil rights laws, particularly by participating in or allowing antisemitism. The DOJ strongly indicated its intent to use the FCA to combat antisemitism and other instances of discrimination when it announced the Civil Rights Fraud Initiative.

As we noted in our previous blog post, HealthBench, an open-source benchmark developed by OpenAI, measures model performance across realistic health care conversations, providing a comprehensive assessment of both capabilities and safety guardrails that better align with the way physicians actually practice medicine. In this post, we discuss the legal and regulatory questions HealthBench addresses, the tool’s practical applications within the health care industry, and its significance in shaping the future of artificial intelligence (AI) in medicine.

Hospitals and health systems are familiar with traditional medical malpractice cases, but as healthcare is increasingly seen as a business, healthcare providers need to understand the potential for, and limitations of claims brought under the guise of consumer protection laws. 

Consumer protection laws can be tempting causes of action for individuals who believe they have been wronged by the healthcare system. Unlike medical malpractice claims, which require expert testimony and may include damages caps, consumer protection statutes often include treble damages, punitive damages, and attorneys’ fees. Consumer protection laws may also offer injunctive relief as a remedy, do not require a plaintiff to prove causation or damages, and have the potential for class action lawsuits. To prevent plaintiffs from reframing a negligence case to sidestep the limitations of medical malpractice cases, some courts and states have drawn boundaries between consumer protection and medical malpractice cases.

Oregon Governor Tina Kotek has signed SB 951—which, as we noted on June 4, 2025, disrupts historically accepted corporate practice of medicine (CPOM) structures by banning arrangements that are inherent to friendly PC models and placing limitations on Management Service Organizations (MSOs). SB 951 is now Oregon law, with staggered effective dates. 

The new law will be the strictest in the nation when it comes to limiting health care ownership and influence, and it seems certain to affect corporate investment in the state’s medical sector.

Yet in an unusual twist, the Oregon legislature is now poised to pass related legislation, HB 3410A, that would amend portions of SB 951 in the course of the same legislative session.

On May 21, 2025, the Centers for Medicare & Medicaid Services (CMS) announced^[1] an aggressive plan (Plan) to expand its efforts to address fraud, waste, and abuse in Medicare Advantage (MA). By engaging with enhanced technology and significantly expanding its workforce, CMS states that it intends to audit every eligible MA contract for Payment Years (PY) 2018 through 2024 and recover on all prior audits conducted by CMS and the Office of Inspector General (OIG).  Historically, CMS has only selected a small subset of contracts (approximately sixty) for each PY audited. CMS is currently completing PY2018 Risk Adjustment Data Validation (RADV) audit but has yet to issue findings or payment recovery demands for any audit completed. CMS has similarly not taken material action regarding the so called “OIG audits”.

Background

CMS Audit Methodology. CMS officially launched its RADV audit program in 2008. The audit methodology employed by CMS has evolved over the years through various rule making efforts and sub-regulatory issuances. CMS’s proposed rule in 2010 set forth an audit methodology to review a risk stratified 201-member sample, where all risk adjusted Hierarchical Condition Categories (HCCs) for each member would be reviewed and checked for errors.^[2] Finalizing this methodology in 2012[3], CMS then conducted audits on PY2012 and 2013 utilizing this approach. The presumption was that CMS would extrapolate and recoup such amounts. However, CMS did not issue final agency actions requiring substantial repayments or extrapolation.

The Evolution of Health Care AI Benchmarking

Artificial Intelligence (AI) foundation models have demonstrated impressive performance on medical knowledge tests in recent years, with developers proudly announcing their systems had “passed” or even “outperformed” physicians on standardized medical licensing exams. Headlines touted AI systems achieving scores of 90% or higher on the United States Medical Licensing Examination (USMLE) and similar assessments. However, these multiple-choice evaluations presented a fundamentally misleading picture of AI readiness for health care applications. As we previously noted in our analysis of AI/ML growth in medicine, a significant gap remains between theoretical capabilities demonstrated in controlled environments and practical deployment in clinical settings.

These early benchmarks—predominantly structured as multiple-choice exams or narrow clinical questions—failed to capture how physicians actually practice medicine. Real-world medical practice involves nuanced conversations, contextual decision-making, appropriate hedging in the face of uncertainty, and patient-specific considerations that extend far beyond selecting the correct answer from a predefined list. The gap between benchmark performance and clinical reality remains largely unexamined.

“ERISA, you’ll need a lawyer for that.” Our practice group’s tagline is meant to be a shorthand for the alphabet soup of laws that apply to employee benefits, including the Employee Retirement Income Security Act (ERISA). Employee benefits compliance has many traps for the unwary and is ever evolving. Below, we have provided a primer on current issues of importance in the employee benefits area to help in-house attorneys identify potential risks, mitigate them, and know when to call an outside ERISA lawyer.

1. What Is Old Is New: Get Your Health Plan Governance in Order

Employers that sponsor self-funded health plans have a host of complicated obligations. There are greater potential legal, regulatory, and fiduciary risks than in years past with managing health plans because of increased congressional legislation, increased Department of Labor (DOL) focus on group health plan compliance, and increased group health plan litigation, often by the same plaintiffs’ firms that have been suing 401(k) plans in fee litigation the past 20 years or more.

As the song goes, the Food and Drug Administration’s (“FDA’s”) 2024 Final Rule regulating laboratory-developed tests (“LDTs”) as medical devices (“Final Rule”), is not merely dead—it’s really most sincerely dead.

Perhaps not for good, but for the foreseeable future, at least.

The FDA has let the clock run out on the 60-day time period to appeal the March 31, 2025, decision by the U.S. District Court for the Eastern District of Texas concluding that: 1) the FDA overstepped its authority, and 2) the LDT Final Rule of May 6, 2024, was unlawful. As we explained at that time, the Final Rule would have required virtually all clinical laboratories offering their own LDTs to comply with FDA expectations for medical device manufacturers in phases over a four-year period—with the first compliance deadlines set for May 2025.

The March 2025 opinion by Judge Sean D. Jordan vacated the controversial Final Rule a little more than a month before the first implementation deadlines were to take effect, and remanded the issue back to the FDA.

SB 951, which bolsters existing Oregon law prohibiting the corporate practice of medicine (CPOM), passed the state House of Representatives on May 28 and now awaits the signature of Governor Tina Kotek.

As EBG noted in a recent blog, the majority of states have some form of CPOM restriction. Oregon’s doctrine stretches back to 1947, when the state supreme court in State ex. rel. Sisemore v. Standard Optical Co. of Or. banned corporations from owning medical practices, practicing medicine, or employing physicians.^[1]

Since then, however, Oregon has sought to strengthen its CPOM rules legislatively, as entities have “sought to circumvent the ban through complex ownership structures, contracting practices, and other means,” as SB 951 states.

On May 19, 2025, the U.S. Department of Justice (DOJ) announced a new Civil Rights Fraud Initiative that will leverage the federal False Claims Act (FCA) to investigate and litigate against universities, contractors, health care providers, and other entities that accept federal funds but allegedly violate federal civil rights laws.

The initiative will be led jointly by the DOJ Civil Division’s Fraud Section and the Civil Rights Division—with support from the Criminal Division, federal civil rights agencies, and state partners. 

The initiative implements President Donald Trump’s Executive Order 14173, “Ending Illegal Discrimination and Restoring Merit-Based Opportunity” (January 21, 2025), directing agencies to combat unlawful discrimination through the FCA, and complements Attorney General (AG) Bondi’s February 5 memorandum, “Ending Illegal DEI and DEIA Discrimination and Preferences.”