IHA Daily Briefing: January 12

CMS Proposed Rules Banning Gender-Affirming Care for Children

On Dec. 19, the Centers for Medicare & Medicaid Services (CMS) proposed two rules seeking to restrict the provision of gender-affirming care to children. The first proposed rule (CMS-3481-P) would ban hospitals providing gender-affirming care, including puberty blockers, hormones and surgery, from receiving funding from the federal Medicare or Medicaid programs. The second proposed rule (CMS-2451-P) would prohibit spending of federal Medicaid and Children's Health Insurance Program (CHIP) funds on gender-affirming care for children.

CMS developed these proposed rules in response to Executive Order 14187 : "Protecting Children from Chemical and Surgical Mutilation" (signed Jan. 28). If finalized, these rules would supersede Illinois protections when it comes to hospital participation in Medicare and Medicaid, and federal reimbursement under the Medicaid and CHIP programs.

Comments on the proposed rules are due by 4 p.m. CT on Feb. 17 and can be submitted online through the Federal Register. Comments on the proposed rule banning hospitals from providing certain gender-affirming care services to children (CMS-3481-P) can be submitted here. Comments on the proposed rule prohibiting federal Medicaid and CHIP spending on certain gender-affirming care services for children (CMS-2451-P) can be submitted here. A detailed summary of the policies and requirements of the proposed rules is here.

FDA Identifies Several Class 1 Recalls
The Food and Drug Administration (FDA) has highlighted a number of Class I recalls and device notifications and corrections in recent weeks, including:

• Dexcom Inc. issued a notice about the G6 Continuous Glucose Monitoring System's G6 and G6 Pro Android US CGM App version 1.15.0 due to an identified bug that can cause the app to terminate unexpectedly.

• Cook Medical issued a recall of Zenith Alpha 2 Thoracic Endovascular Graft proximal components after Cook Medical found that scrapings of polytetrafluoroethylene coating may be released inside the stent graft during use.

• The IV Gravity Burette Set from ICU Medical has been recalled due to a missing internal shut-off valve intended to stop fluid flow.

• Codman Microsensor Basic Kits and Cerelink ICP Sensor Basic Kits have been recalled by Integra LifeSciences.

• Rheumacare Capsules by Virgo UAP Pharma Pvt. Ltd. have been recalled by Handelnine Global Limited d/b/a Navafresh.

• AVID Medical recommended certain Organ Recovery OR Packs and Medical Convenience kits be corrected prior to continued use.

Illinois Secretary of State Warns of Text Scams
Illinois Secretary of State Alexi Giannoulias is alerting Illinoisans to be on the lookout for fraudulent text messages claiming they owe money for traffic violations or tolls. Scam texts, which have surfaced recently, typically claim that the recipient's vehicle registration or driving privileges are at risk of suspension and prompt immediate action through a link. These messages are phishing attempts designed to instill fear as a means of stealing money or personal information.

These messages are also designed to look legitimate, which is why it's important for residents to know the Secretary of State's office will never contact them by text about license or registration issues. The Secretary of State's office sends text messages only to remind customers about scheduled DMV appointments. It does not send texts related to driver's license status, vehicle registration issues or enforcement actions.

Illinoisans who receive scam messages are encouraged to report them to the Federal Trade Commission by visiting reportfraud.ftc.gov.

FBI Warns of North Korean Cyber Threat Group's Malicious QR Codes
The FBI released a Flash Alert highlighting evolving threat tactics by Kimsuky, a North Korean state-sponsored cyber threat group. While the group has not been observed to directly target healthcare, healthcare organizations should be aware of the group, which embeds malicious QR codes in spear-phishing campaigns, referred to as "quishing." The technique forces victims to use a mobile device to view the QR code, which could be received as an image, email attachment or embedded graphic that evades URL inspection. After scanning the malicious code, victims are routed through attacker-controlled redirectors that collect device and identity information for harvesting and is then used in additional malicious actions. The FBI is strongly urging organizations to review and implement the provided mitigations, including educating staff on the dangers of scanning unsolicited QR codes.