Tag: healthcare

Asset Protection for Doctors and Other Healthcare Providers: What Do You Need to Know?

As a doctor or other healthcare professional, you spend your career helping other people and earning an income upon which you rely on a daily basis—and upon which you hope to be able to rely in your retirement. However, working in healthcare is inherently risky, and a study published by Johns Hopkins Medicine which concluded that medical malpractice is the third-leading cause of death in the United States has led to a flood of lawsuits in recent years. As a result, taking appropriate measures to protect your assets is more important now than ever, and physicians and other providers at all stages of their careers would be well-advised to put an asset protection strategy in place.

What is an asset protection strategy? Simply put, it is a means of making sure that you do not lose what you have earned. Medical malpractice lawsuits, federal healthcare fraud investigations, disputes with practice co-owners, and liability risks in your personal life can all put your assets in jeopardy. While insurance provides a measure of protection – and is something that no practicing healthcare professional should go without – it is not sufficient on its own. Doctors and other healthcare providers need to take additional steps to protect their wealth, as their insurance coverage will either be inadequate or inapplicable in many scenarios.

“In today’s world, physicians and other healthcare providers face liability risks on a daily basis. In order to protect their assets, providers must implement risk-mitigation strategies in their medical practices, and they must also take measures to shield their wealth in the event that they get sued.”

What Types of Events Can Put Healthcare Providers’ Assets at Risk?

Why do doctors and other healthcare providers need to be concerned about asset protection? As referenced above, medical professionals face numerous risks in their personal and professional lives. While some of these risks apply to everyone, it is doctors’ and other medical professionals’ additional practice-related risks – and personal wealth – that makes implementing an asset protection strategy particularly important. Some examples of the risks that can be mitigated with an effective asset protection strategy include:

  • Medical Malpractice Lawsuits – All types of practitioners and healthcare facilities face the risk of being targeted in medical malpractice litigation. From allegations of diagnostic errors to allegations of inadequate staffing, plaintiffs’ attorneys pursue a multitude of types of claims against healthcare providers, and they often seek damages well in excess of providers’ malpractice insurance policy limits.
  • Contract Disputes and Commercial Lawsuits – In addition to patient-related litigation, medical practices and healthcare facilities can face liability in other types of civil lawsuits as well. By extension, their owners’ assets can also be at risk, as there are laws that allow litigants to “pierce the corporate veil” and pursue personal liability in various circumstances.
  • Federal Healthcare Fraud Investigations – Multiple federal agencies target healthcare providers in fraud-related investigations. From improperly billing Medicare or Medicaid to accepting illegal “kickbacks” from suppliers, there are numerous forms of healthcare fraud under federal law. Healthcare fraud investigations can either be civil or criminal in nature, and they can lead to enormous fines, recoupments, treble damages, and other penalties.
  • Drug Enforcement Administration (DEA) Audits and Inspections – In addition to healthcare fraud investigations, DEA audits and inspections present risks for healthcare providers as well. If your pharmacy or medical practice is registered with the DEA, any allegations of mishandling, diverting, or otherwise unlawfully distributing controlled substances can lead to substantial liability.
  • Liability for Personal Injury and Wrongful Death in Auto and Premises-Related Accidents – In addition to liability risks related to medical practice, doctors, other practitioners, and healthcare business owners can face liability risks in their personal lives as well. If you are involved in a serious auto accident, for example, you could be at risk for liability above and beyond your auto insurance coverage. Likewise, if someone is seriously injured in a fall or other accident while visiting your home (or office), you could be at risk for liability in a personal injury lawsuit in this scenario as well.

To be clear, an asset protection strategy mitigates the risk of losing your wealth as a result of these types of concerns—it does not mitigate these concerns themselves. The means for addressing medical practice-related concerns is through the adoption and implementation of an effective healthcare compliance program.

Are Asset Protection Strategies Legal?

One of the most-common misconceptions about asset protection is that it is somehow illegal. However, there are various laws and legal structures that are designed specifically to provide ways for individuals and businesses to protect their assets, and it is absolutely legal to use these to your full advantage. Just as you would not expect your patients to ignore treatment options that are available to them, you are not expected to ignore legal tools and strategies that are available to you.

What are Some Examples of Effective Asset Protection Tools for Doctors and Other Healthcare Providers?

Given the very real liability risks that doctors and other healthcare providers face, for those who do not currently have an asset protection strategy in place, implementing a strategy needs to be a priority. With regard to certain issues, asset protection measures need to be in place before a liability-triggering event occurs. Some examples of the types of tools that physicians, healthcare business owners, and other individuals can use to protect their assets include:

1. Maximizing Use of Qualified Retirement Plans

Qualified retirement plans that are subject to the Employee Retirement Income Security Act (ERISA) can offer significant protection. Of course, obvious the limitation here is that these assets placed in a qualified plan will only be available to you in retirement. However, by maximizing your use of a qualified retirement plan to the extent that you are preserving your assets for the future, you can secure protection for plan assets against many types of judgments and other creditor claims.

2. Utilizing Nonqualified Retirement Plans as Necessary

If you operate your medical practice as a sole proprietor, then you are not eligible to establish a qualified retirement plan under ERISA. However, placing assets into a nonqualified retirement plan can also provide these assets with an important layer of protection. This protection exists under state law, so you will need to work with your asset protection attorney to determine whether and to what extent this is a desirable option.

3. Forming a Trust

Trusts are the centerpieces of many high-net-worth individuals’ asset protection strategies. There are many types of irrevocable trusts that can be used to shield assets from judgment and debt creditors. When you place assets into an irrevocable trust, they are no longer “yours.” Instead they become assets of the trust. However, you will still retain control over the trust in accordance with the terms of the trust’s governing documents. Some examples of trusts that are commonly used for asset protection purposes include:

  • Domestic asset protection trusts (DAPT)
  • Foreign asset protection trusts (FAPT)
  • Personal residents trusts
  • Irrevocable spendthrift trusts

4. Offshore Investing

Investing assets offshore can offer several layers of asset protection. Not only do many countries have laws that are particularly favorable for keeping assets safe from domestic liabilities in the United States; but, in many cases, civil plaintiffs will be deterred from pursuing lawsuits once they learn that any attempts to collect would need to be undertaken overseas. Combined with other asset protection strategies (such as the formation of a trust or limited liability company (LLC)), transferring assets to a safe haven offshore can will provide the most-desirable combination of protection and flexibility.

5. Forming a Limited Liability Company (LLC) or Other Entity

If you are operating your medical practice as a sole proprietor, it will almost certainly make sense to form an LLC or another business entity to provide a layer of protection between you and any claims or allegations that may arise. However, even if you have a business entity in place already—and even if you are an employee of a hospital or other large facility—forming an LLC or other entity can still be a highly-effective asset protection strategy.

6. Utilizing Prenuptial Agreements, Postnuptial Agreements, and Other Tools

Depending on your marital or relationship status, using a prenuptial or postnuptial agreement to designate assets as “marital” or “community” property can help protect these assets from your personal creditors (although debts and judgments incurred against you and your spouse jointly could still be enforced against these assets). Additionally, there are various other asset protection tools that will be available based on specific personal, family, and business circumstances.

7. Gifting or Transferring Assets

If you have assets that you plan to give to your spouse, children, or other loved ones in the future, making a gift now can protect these assets from any claims against you. Likewise, in some cases it may make sense to sell, transfer, or mortgage assets in order to open up additional opportunities for protection.

Ultimately, the tools you use to protect your assets will need to reflect your unique situation, and an attorney who is familiar with your personal and professional circumstances can help you develop a strategy that achieves the maximum protection available.

Oberheiden P.C. © 2020  

ARTICLE BY Dr. Nick Oberheiden of Oberheiden P.C.

For more articles on healthcare providers, see the National Law Review Health Law & Managed Care section.

Return to Work COVID-19 Testing Considerations

As employees increasingly transition back into the physical workplace, employers have begun to grapple with whether and how to deploy COVID-19 diagnostic testing as a return-to-work solution.  Many employers want to avoid extended employee quarantine or isolation requirements that prevent their employees from returning to the office for weeks and disrupt their operations.  But is this potential solution legal?  And is it effective?  Below we discuss practical considerations for employers considering a return to work COVID-19 testing strategy.

Is it Legal?

For the most part, yes.  While the Equal Employment Opportunity Commission (“EEOC”) has approved of COVID-19 diagnostic testing in the workplace generally, it has, as explained further below, recently modified its guidance to discourage its use as a return to work strategy.  Further, approaches vary widely across the states and localities that have taken a position on return to work testing.  For example, while Illinois permits its use, an ordinance in Dallas, Texas prohibits return to work testing.

Is it Effective?  

It depends.  Before mandatory vaccination becomes an option (which we wrote about here), requiring employees to test negative for COVID-19 before returning to work may at first glance seem like a reasonable way to ensure employee attendance while keeping the workplace safe.  For some employers, particularly those that are able to test frequently, quickly and accurately, this may be a sound approach.  But for other employers, they will have to weigh their options carefully.  Recent updated guidance from the CDC, employee complaints about the invasiveness of testing, and very real ongoing concerns about testing availability and accuracy may militate against pursuing a testing strategy at this time.

More specifically, recent guidance from the CDC discourages a test-based strategy as a primary solution finding that a symptom-based screening strategy is sufficient to identify when an individual with symptoms may return to work.  However, if an employer nevertheless decides to proceed with diagnostic testing as part of their COVID-19 mitigation strategy, the CDC recommends having employees test negatively twice with the two consecutive tests coming at least 24 hours, before returning to work.

State and local guidance does not necessarily provide additional clarity on how best to proceed.  For example New York State’s guidance only addresses situations where an employee experiences symptoms upon arrival at work or while at the office, advising that in those instances an employee may return to work with a single negative COVID-19 test (in contrast to the CDC’s recommended two consecutive negative tests).  But New York’s guidance does not currently address whether testing is a solution to a host of other scenarios – for instance, where an employee’s remote screening indicates recent symptoms, known exposure, or where an employee traveled to a place with significant community spread.  In those instances, the New York guidance does not incorporate testing as a return to work solution, instead asserting that individuals who have had known close contact with someone who has COVID-19 (i.e. within 6 feet of someone for ten or more minutes) should (1) isolate for 10 days from the onset of symptoms (if the individual has symptoms); or (2) isolate for 14 days from the date of exposure (if the individual does not have symptoms).  New York’s guidance also states that employees who test positive for COVID-19 must complete at least 10 days of isolation from the onset of symptoms or 10 days of isolation after the first positive test if they remain asymptomatic.

Putting all the guidance aside for the moment, testing may prove futile in many cases regardless.  First, COVID-19 reportedly can take 2-14 days after exposure to become identifiable in a diagnostic test, and thus, employees who test negative may return to work and later discover they have indeed been infected.  And in other cases, testing may prove futile if an employee cannot access a test readily, and thereafter receive their results in a timely manner, which effectively sidelines them from returning to the office anyway.  Further, there is also the possibility of a false negative, particularly when an employee takes a rapid test.  Other employer considerations include how COVID-19 testing, and the resulting disciplining of employees if they refuse to be tested, might affect overall employee morale.

Employers should consider these issues and weigh them against the vitality of other preventative measures such as whether an employee can telework or take a paid or unpaid leave in lieu of returning to work.  If the employee must return to work, employers should consider using other safety measures (whether in lieu of or in addition to testing), such as symptom/exposure questionnaires, temperature checks and workplace social distancing requirements.

What if an Employee Refuses to Take a Diagnostic Test? 

In selecting any of these options, employers should consider creating a policy or procedure that, among other things, discloses the circumstances under which an employee must take a test, the specific test or tests that the employer will accept, and the consequences of an employee’s refusal to be tested prior to returning to work.  Employers should also consider whether they will afford an employee the opportunity to take an unpaid leave of absence where they refuse to take a test in lieu of a disciplinary action.

Further, before resorting to disciplinary measures, employers should first consider the nature of the employee’s objection.  If the employee is simply annoyed or frustrated about the testing policy, disciplinary measures may be appropriate as the employees is failing to adhere to a company safety policy.  However, employers should evaluate whether the employee is asking for a disability accommodation, and if so, should consider alternative options to testing.

A Note about Isolation Practices and Employee Abuses.

In jurisdictions that do not require employees to isolate after potential symptoms or exposure, employers that need employees to work in the office may be turning to COVID-19 diagnostic testing as an alternative or supplement to isolation practices they consider impractical or prone to abuse.  Indeed, some employers are facing scenarios in which employees attempt to take advantage of company isolation policies in an effort to take extended time away from the workplace.

Employers facing this situation may consider implementing a diagnostic testing strategy (where permitted and feasible), but should also consider addressing the various employee abuse scenarios that might unfold and provide cautionary warnings to employees.  For example, New York, New Jersey, Massachusetts, and some other jurisdictions are requiring individuals who travel to certain states with troublesome COVID-19 metrics to quarantine for 14 days upon their reentry.  If an employee is planning travel to a “hot spot” on vacation to avoid returning to work, the employer should consider warning the employee that if they are unable to telework upon their return, they may be required to take additional paid time off or even unpaid leave.  Alternatively, employers facing operational difficulties if employers are away for multiple weeks may wish to revisit paid time off approval processes or condition approval of company-provided vacation time on an employee’s ability to return to work promptly after traveling.  In short, employers may have several options to address employees’ abuse of isolation rules that do not necessarily have to involve the implementation of diagnostic testing.

Final Considerations.

If an employer does decide to implement a testing strategy, it should ensure that its COVID-19 testing and screening protocols and policies adhere to relevant state and local guidelines, which vary greatly by jurisdiction.  Employers should further ensure they are tracking other practical aspects of testing.  For example, employers must safeguard employee medical records in accordance with Americans with Disabilities Act (“ADA”) requirements and the privacy requirements of various states and localities, which we discussed here.  When choosing a diagnostic test, employers must also ensure that the test is reliable and accurate – for instance, some rapid testing kits now entering the market may not meet the EEOC’s reliability and accuracy standards.  Similarly, any testing strategies must be uniformly applied so as not to cause disparate treatment amongst employees.  Employers should refer to the EEOC’s ADA guidance, which we discussed here, to ensure non-discriminatory application of testing policies.

©1994-2020 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.

For more on COVID-19 Testing see the National Law Review Coronavirs News section.

Coronavirus and the Workplace: What Employers Need To Know

News that multiple cases of the newly-identified 2019 Novel Coronavirus have reached the United States have prompted employers to think about employee safety and ways to address disease prevention in the workplace. Although, according to the Occupational Safety and Health Administration (OSHA), “most American workers are not at significant risk of infection” at this time, the situation is evolving, and it is never too early for employers to consider how they can address employee concerns, help prevent an outbreak, or address one if it occurs. Employers should also be aware of legal pitfalls that they may encounter when attempting to protect their employees from the virus.

The following addresses some of the key questions employers may have regarding the Coronavirus threat.

What is the Coronavirus and How Is It Transmitted?

At this point, relatively little is known about the 2019 Novel Coronavirus, more commonly known as the “Coronavirus.” According to the CDC, the initial reports of the illness originated in Wuhan, China, where people likely contracted the virus from animals at a seafood and animal market. Experts now believe that the virus is spreading from human-to-human when an infected person coughs or sneezes, similar to the spread of a cold or flu. However, it is still too early to know how easily the virus is transmitted between people.

What Are the Primary Symptoms of the Coronavirus?

In the confirmed cases of Coronavirus thus far, affected individuals have reported mild to severe respiratory symptoms, fever, cough, shortness of breath, and breathing difficulties. In severe cases, the virus has led to pneumonia, kidney failure, and, in at least 100 deaths (presently, all in China), as of the time of this writing.  The CDC believes at this time that symptoms may appear within two to fourteen days after exposure.  However, some infected individuals have shown little to no symptoms.

How Can Spread of the Coronavirus Be Prevented?

Because there is presently no Coronavirus vaccine available, the CDC is recommending standard precautions to avoid the spread of respiratory viruses, such as washing hands with soap and water for at least 20 seconds, or, if soap is not available, using hand sanitizer; avoiding close contact with people who are sick; staying at home when you are sick; and disinfecting frequently touched objects and surfaces.

What If My Employees Travel to China For Business?

As of January 27, 2020, the CDC has issued a level 3 health travel notice (the highest threat level) recommending that people avoid all nonessential travel to China.

Employers whose employees travel to and from China should keep in mind the following:

  • Consider whether to limit business travel to affected areas. While the current CDC travel notice does not specifically define “nonessential travel,” the General Duty Clause of the Occupational Safety and Health Act (OSHA) requires employers to furnish “employment and a place of employment which are free from recognized hazards that are causing or likely to cause the death or serious physical harm to … employees.”  Although the Occupational Safety and Health Administration (also referred to as OSHA) has not promulgated specific standards covering the Coronavirus, requiring employees to engage in nonessential business travel to China (or any other areas in which the risk of contagion is heightened) could create risk under the General Duty Clause, particularly in light of the CDC warning against nonessential travel.  For that reason, employers whose business may involve travel to China (or other areas that become subject to travel restrictions or otherwise experience an increase in the spread of the virus) should consider other available options for employees for the duration of the threat, such as videoconferencing.

By the same token, employers should also be prepared to respond to employees who may express concerns about traveling to affected areas due to the virus.  While an employer generally has broad discretion to decide the duties and requirements of a job and to discipline employees who fail to fulfill those requirements, as a practical matter employers may wish to consider offering employees reasonable alternatives to such travel.

Finally, while employers may implement restrictions on work-related travel to affected areas, employers should tread more carefully when attempting to police personal, non-work-related travel. That said, recent decisions in the Seventh, Eighth, and Eleventh Circuits have held that the disability discrimination protections of the ADA do not apply where an employer takes an employment action based on the potential for an employee to become ill and disabled in the future.  Specifically, the Eleventh Circuit found no liability under the ADA where an employer terminated an employee who requested time off to travel to Ghana to visit family because of the perceived risk that the employee would contract the Ebola virus, due to recent outbreaks of the disease in neighboring countries.  While courts have tended to take this view, it is worth noting that the EEOC has argued on at least one occasion that an employer acting on a potential future health condition may be viewed as “regarding” an employee as disabled as long as the condition otherwise qualifies as a disability under the law.  For this reason, employers should consider the risks with imposing a ban on personal, non-work-related travel to affected areas.

  • Provide relevant safety information to employees. Employers whose employees travel to affected areas should provide information to their employees about how the Coronavirus is transmitted, its symptoms, and how to avoid exposure – utilizing trusted and reputable sources such as the CDC. Employers would be well advised to also provide these employees with resources and contact information for local health departments and the CDC.
  • Understand that employee travel may be interrupted. The Chinese government has closed transit within and out of Wuhan and certain other areas of the Hubei Province. Hong Kong has also imposed certain restrictions on travel to and from the Chinese mainland. The United States is also re-routing passengers from Wuhan, China to certain designated airports (including Chicago O’Hare, Atlanta, New York JFK, Los Angeles, and San Francisco) for enhanced screening. While screening for common viruses usually takes several hours, officials have indicated that those suspected of having the Coronavirus could be delayed for up to a day if additional screening is needed.

What Should I Do if an Employee Has Recently Traveled to China or Otherwise May Have Been Exposed to the Coronavirus?

Employers should remember that the Americans with Disabilities Act (ADA) places certain restrictions on the kinds of inquiries that can be made into an employee’s medical status. Specifically, the ADA prohibits employers from making disability-related inquiries and requiring medical examinations, unless (1) the employer can show that the inquiry or exam is job-related and consistent with business necessity, or (2) where the employer has a reasonable belief that the employee poses a direct threat to the health or safety of the individual or others that cannot otherwise be eliminated or reduced by reasonable accommodation.

According to Pandemic Preparedness Guidance published in 2009 by the Equal Employment Opportunity Commission (EEOC) in the midst of the H1N1 influenza outbreak, whether a particular outbreak rises to the level of a “direct threat” depends on the severity of the illness.  Employers should look to the most up-to-date assessments being made by the CDC or other public health authorities, as they relate to the employer’s location, to determine the severity level of an illness and, in turn, whether an employee who potentially has been exposed to the illness may constitute a “direct threat.”  Employers should not rely on speculation or unofficial information when making determinations about whether there is a direct threat.  At the moment, the CDC is not classifying the Coronavirus as a pandemic and has not issued a heightened threat level for the United States.  However, the situation continues to rapidly evolve and we will provide updates should additional guidance be released by the CDC or other public health officials on this important issue.

All this being said, employers should keep in mind the following when it comes to employees who have traveled to affected areas:

  • Employers need not wait until an employee returning from travel develops symptoms to inquire about exposure to the Coronavirus. Inquiring about whether an employee has traveled to an affected area or about possible exposure to a contagious illness during such travel would not constitute a disability-related inquiry.  However, as discussed below, the extent to which an employer may act on the information received will depend on the most recent information available from the CDC or other public health officials.  Further, employers inquiring into whether employees have traveled to affected areas should do so of all employees known or believed to have recently traveled, rather than directing such inquiries only to employees of certain races, ethnicities, or national origins. Finally, employers should be mindful to keep confidential all medical-related information received from an employee, in accordance with the ADA.
  • Under certain circumstances, employers may require employees who have traveled to areas affected by serious health threats to stay home. If the CDC or other local public health officials recommend that people who visit specified locations remain at home for several days until it is clear they do not have illness symptoms, an employer may require an employee who traveled to an affected area to remain out of work for the suggested period of time.  While presently the CDC states that individuals who may have been in close contact with someone with the Coronavirus may continue with their daily activities so long as they are not showing any symptoms, employers should continue to monitor the CDC website for further developments. In the absence of a CDC directive that employees who have traveled to affected areas stay at home, an employer who is considering requiring such employees to remain home, they should consult with counsel.

What Other Things Should Employers Be Thinking About When it Comes to the Coronavirus?

  • Employers may – and should – send employees home if they exhibit potential symptoms of contagious illnesses at work. The EEOC has said that sending an employee home who displays symptoms of contagious illness would not run afoul of the ADA’s restrictions on disability-related actions because: (i) if the illness ultimately turns out to be relatively mild or “run of the mill” (such as seasonal influenza), then it would not have constituted a covered disability in the first place; and (ii) if the illness does turn out to be severe (such that it may constitute a disability under the law), then the actions would be warranted under a direct threat analysis. In either case, an employer can send an employee home who is displaying symptoms of contagious illness, even if this is against the employee’s wishes.  Employers should also consider making clear in their policies that employees who have symptoms of a potential contagious illness must not report to work while they are sick.
  • Determine whether the FMLA or other leave laws may apply. An employee who is experiencing a serious health condition or who requires time to care for a family member with such a condition may be entitled to take unpaid leave under the federal Family and Medical Leave Act (FMLA) or state-law analogues.  Employees may also be eligible for leave as a reasonable accommodation under the ADA or related state or local law, if the underlying condition constitutes a qualifying disability.  However, employees generally are not entitled to take FMLA or reasonable accommodation leave to stay at home to avoid getting sick (though an exception may exist where a preexisting medical condition is likely to be worsened by exposure to a contagious disease). Furthermore, employees in certain jurisdictions may be entitled to paid sick leave if needed to care for themselves or a sick family member in the event of an illness, or if their workplace or a child’s school or day care is closed due to a public health emergency.
  • Consider whether OSHA requirements may apply. While, as noted above, OSHA has not promulgated specific standards covering the Coronavirus, it has issued a notice indicating that employers should be aware of the following general standards to which employers may be subject under OSHA:
    • General Duty Clause: As discussed above, the OSHA General Duty Clause requires employers to furnish “a place of employment which [is] free from recognized hazards that are causing or likely to cause the death or serious physical harm to … employees.” To that end, there are some readily achievable steps that employers can take to prevent the spread of the Coronavirus (and other contagious illnesses) within the workplace, such as: providing hand sanitizer to employees, ensuring that surfaces and eating areas are disinfected regularly, and encouraging employees who are sick to stay home. Employers also may start to consider certain policy changes they may wish to implement in response to the Coronavirus should the situation become more severe in the U.S., such as allowing employees to work from home.
    • Personal Protective Equipment: OSHA requires that protective equipment, clothing, and barriers be provided whenever it is necessary to prevent employees from being exposed to environmental hazards. Employers are required to assess the workplace, determine if hazards are present, and if so, select and have employees use protective equipment. Employers whose employees may encounter individuals infected with the Coronavirus, such as those in the healthcare and travel industries, should begin to consider what protective equipment would be necessary to protect its workforce should the virus begin to spread within the United States.
    • Recordkeeping and Reporting Requirements: OSHA requires that certain employers keep a record of certain work-related illness and injuries (often referred to as an OSHA Form 300 log). While there is a regulatory exemption for recording instances of the standard cold and flu, OSHA has deemed the 2019 Novel Coronavirus a recordable illness when a worker is infected on the job. In addition, certain employers may be subject to reporting requirements under state and local law if they have a reasonable belief that a significant disease is present in the workplace.
    • Employers in Higher-Risk Industries: While, again, OSHA has yet to issue any standards or controls specific to Coronavirus, employers operating in industries where employees may be at a potential increased risk of exposure should prepare for the possibility that heightened requirements may be put in place. In the past, OSHA has issued such guidance for employers in industries such as healthcare, airlines, and mortuary services, such as during the MERS outbreak in 2015.

*          *          *

Information about the Coronavirus is constantly developing, so employers also should continue to refer to the CDCWHO, and OSHA websites for the latest on appropriate precautions, including changes to travel notices.  Of course, we will continue to monitor this situation and report on any updates as they develop.

© 2020 Proskauer Rose LLP.

Emerging Cyber-Security Threats for 2020: The Rise of Disruptionware and High-Impact Ransomware Attacks

Disruptionware is defined by the Institute for Critical Infrastructure Technology (ICIT) as a new and “emerging category of malware designed to suspend operations within a victim organization through the compromise of the availability, integrity and confidentiality of the systems, networks and data belonging to the target.”  New forms of disruptionware can be a more crippling form of cyber-attack than other more “garden-variety” malware and ransomware attacks. This is the case since, as the ICIT notes, disruptionware not only attempts to encrypt and deny users access to their data, but works as a “layered attack” designed to “disrupt operations and production in manufacturing or industrial environments (as well as infrastructure) in order to achieve some other strategic goal.”

Disruptionware has “consumed” many traditional cyber-attacks, making them part of the disruptioware “toolkit.” These techniques include cyber-attacks such as ransomware, “wipers,” “bricking capabilities,” automated components, data exfiltration tools and network reconnaissance tools. (See ICIT report for further definitions.) Today, the rise of disruptionware is a new and even more chaotic form of cyber warfare attack – it not only attempts to encrypt and deny users access to their data, but disruptionware works to “disrupt operations and production in manufacturing or industrial environments (as well as infrastructure) in order to achieve some other strategic goal.”

Additionally, generalized forms of ransomware attacks – designed to block access to the victim’s computer systems until money is paid – are continuing to represent a more prevalent threat to government agencies, healthcare providers and educational institutions. Ransomware was so destructive on its own that the FBI recently issued a Public Service Announcement (PSA) warning about such “high-impact” attacks on critical private and public sector institutions. Underscoring the FBI’s announcement, another publication has noted the rise of ransomware attacks since the beginning of 2019 finding that there have been at least 621 reported successful ransomware attacks against U.S.-based corporations. Of these attacks, at least 491 were targeted against healthcare providers, while another 68 of the attacks were directed at county and municipal institutions, and 62 of the attacks were focused on school districts.

According to the FBI, hospitals and health care institutions are the primary targets of these high-impact ransomware attacks because of the critical role they play in providing lifesaving services, and the fact that these institutions usually do not have the luxury of taking time to restore backups in order to get their networks working again and running safely and securing after an attack. Above and beyond the costs associated with paying the ransom and restoring computer networks and systems, ransomware attacks on hospitals and health care providers have proven especially damaging because they affect the ability of the targeted healthcare providers to deliver critical health care services to patients. Perhaps even more disturbingly, many of the victim companies reported losing data even when they paid the ransom demanded by the hackers. Nevertheless, according to the blog “knowbe4,” it was predicted that ransomware payments alone by victim companies will have exceeded $11.5 billion in 2019 – representing an increase of almost 30% over the approximately $8 billion paid in 2018.

Along with the rise of disruptionware and high-impact ransomware, hackers are also now using new and diverse techniques to launch multiple forms of cyber-attacks including, among other things, an increased use of new Remote Desktop Protocol (RDP) attacks, as well as leveraging various software vulnerabilities to infect organizations through backdoor channels. Unfortunately, few businesses are hardening their IT infrastructure against these new types of extremely damaging cyber-attacks. RDP attacks are becoming far more common because of the simplicity of many users’ login credentials, while companies are not doing enough to “whitelist” exclusively acceptable computer software and applications to prevent security holes caused by numerous software vulnerabilities in unsecured and sometimes untested software applications.

The FBI’s PSA serves as a warning to businesses that they should have a plan in place to respond efficiently and appropriately in the event of high impact ransomware and disruptionware attacks. Such plans should include, among other things, clear designations of responsible individuals (both inside and outside the company), procedures for contacting law enforcement, and the business having a firm understanding of what their data is as well as a good understanding of its importance in the overall business plan. Finally, businesses need a current and workable Disaster Recovery Plan for getting the organization up and running again as quickly as possible if there is a cyber-attack. Businesses would be wise to review how their systems are backed up, as reliable and readily accessible backups are often critical in allowing ransomware or disruptionware victims to try and resume normal business operations as quickly as possible.

©2020 Drinker Biddle & Reath LLP. All Rights Reserved

For more on ransomware and other cyberthreats, see the Communications, Media & Internet section of the Nationa Law Review.

Mayo Clinic Reports Vaping Injuries Resemble Chemical Burns

The Centers for Disease Control and Prevention (CDC) announced that over 1,000 people became ill from vaping e-cigarettes, including 18 deaths. Now, research by the Mayo Clinic of Arizona suggests the lung damage may be the result of chemical burns.

The CDC announced that 77% of the injured vapers were using e-cigarettes with tobacco and THC products, and 17% were using only nicotine. The CDC partnered with state-based health care services and research hospitals to try to determine the cause of the recent spike in vaping lung damage cases.

The Mayo Clinic of Arizona is one of the first to release data derived from recent cases. The research team tested lung biopsy samples from 17 patients, including two who have since died from the condition. All 17 biopsies suggested that the lung injuries were most likely caused by “direct toxicity or tissue damage from noxious chemical fumes.” These fumes are generated from the vaporized e-cigarette liquids. Researchers said it does not appear that the build-up of lipids, reported earlier as a possible cause of the lung damage, was a factor in these 17 patients.

According to Dr. Larsen, the senior author of the study, “It would seem prudent based on our observations to explore ways to better regulate the industry and better educate the public, especially our youth, about the risks associated with vaping.”

COPYRIGHT © 2019, STARK & STARK

For more on vaping regulation, see the Nationa Law Review Biotech, Food & Drug law page.

Giving It Your Best Shot: Maintaining a Compliant Vaccination Program in the Healthcare Sector

Workplace vaccination programs are not new. While many focus on influenza, healthcare employers often impose more robust requirements to protect employees and vulnerable patient populations. The Centers for Disease Control and Prevention (CDC) recommends healthcare workers receive several vaccinations, including: hepatitis B; influenza; measles, mumps, and rubella (MMR); varicella (chickenpox); tetanus, diphtheria, and pertussis (Tdap); and meningococcal. Many states have enacted laws requiring such vaccinations for healthcare workers. (The CDC maintains a list of state requirements.) Indeed, because healthcare workers can be at a heightened risk for both exposure and transmission of disease to patients, families, and coworkers, prominent medical groups such as the Infectious Diseases Society of America (IDSA) recommend mandatory vaccinations consistent with CDC recommendations as part of an effective infection prevention and control program.

Recent outbreaks of vaccine-preventable diseases, such as measles and pertussis, have focused public attention on the need for employee vaccine programs. For example, the CDC reports that between January 1, 2019 and August 8, 2019, there were a total of 1,215 confirmed cases of measles in the United States, the highest number since 1994. This is despite the fact that measles was eliminated in the United States in 2000, due to an effective MMR vaccination program. The World Health Organization (WHO) reports that the rise of measles cases is likely due to a decline in people getting the vaccine. (The CDC has additional information about measles and the safety and efficacy of the MMR vaccine.)

Healthcare institutions are increasingly mandating that employees receive vaccinations, such as Tdap and MMR. But, while mandatory vaccination programs are on the rise, so are challenges from employees. Employee objections to vaccines (strengthened by misinformation about vaccines such as MMR), and thus litigation, have increased in recent years. While employers may not always have to accommodate generalized or unfounded objections to vaccinations, employees do have legally cognizable objections to being vaccinated under certain circumstances. Specifically, the Equal Employment Opportunity Commission (EEOC) takes the position that Title VII of the Civil Rights Act of 1964 and the Americans with Disabilities Act (ADA) require employers to provide exemptions from mandatory vaccination policies or other accommodations to employees with religious objections and disabilities.

Just as wise employers seek to immunize their workforces from harmful pathogens, employers may also seek to immunize their vaccination programs from common legal claims. Employers may want to take into consideration the following issues:

Is the vaccination program mandatory?

Will the vaccination program be voluntary, mandatory, or a hybrid based on employee classification and work setting? Voluntary programs are attractive from the standpoint of avoiding employee objections and ADA/Title VII accommodation issues, but compliance rates may be inadequate or the healthcare setting may favor a mandatory program for some or all healthcare workers. Employers may want to consult the CDC’s recommendations, review applicable state vaccination laws, and assess the risks posed in their facilities in coordination with their infection prevention and control programs.

Is the workforce unionized?

Are nurses or other employees represented by a labor union? Employers with unionized workforces generally must bargain with the unions before imposing mandatory vaccination programs.

Who is covered?

In deciding whether to adopt a mandatory program, what is the scope of the mandate? Is it necessary to require vaccines for all employees (including clerical workers, etc.), or is it more appropriate to reserve the mandatory program for healthcare workers involved in direct patient contact or healthcare workers in vulnerable patient settings, such as the neonatal intensive care unit (NICU), pediatric intensive care unit (PICU), emergency department, or operating room? Some employers may find it more effective to implement a mandatory program with respect to a subset of healthcare workers in patient-contact roles, while offering an incentivized voluntary program to others.

Will the program permit exceptions or accommodations?

What accommodations will be permitted, and what is the process for evaluating such requests? In particular, employers should consider having a process to receive and evaluate employee requests for exemption or accommodation due to disability or sincerely held religious beliefs.

  • Under the ADA, a reasonable accommodation may be required for an employee with a disability, unless it would result in an undue hardship or a direct threat to the safety of the employee or the public. In these cases, employers can work with their infection-control team to determine the risks of exposure and transmission. For example, with employees objecting to a Tdap or MMR vaccine, the risk for a nurse working in the NICU may be very different than that of an office assistant in the back office. The ADA analysis for undue hardship and direct threat are fact specific and complicated.
  • Under Title VII, an accommodation may be required for sincerely held religious beliefs, unless doing so would pose an undue hardship. Employers should be aware that the EEOC and courts interpret “religion” broadly, and the term is not limited to major faiths but may include “religious beliefs that are new, uncommon, not part of a formal church or sect, only subscribed to by a small number of people, or that seem illogical or unreasonable to others.” Under Title VII, an undue hardship may exist where there is more than a de minimis cost or burden. The EEOC has considered several factors when determining whether an undue hardship exists, such as (1) the assessment of the public risk at that time, (2) the availability of other means of infection control, and (3) the number of accommodation requests.
  • Employers must maintain medical information and vaccination records collected from employees as confidential files in accordance with ADA requirements.
  • State vaccination laws—including where certain vaccines are mandatory for certain categories of healthcare workers—may also be relevant in designing and implementing a workplace vaccination policy.

What types of accommodations would be permitted?

Where an employer decides, after a case-by-case analysis, that an accommodation is required, it may consider is viable in the healthcare setting. Some common options include the following:

  • Requiring an employee to wear a mask, gown, or other safety gear. This option may depend on the nature of the risk, as a mask may be a reasonable accommodation for influenza in some settings, but it may not be sufficient in a setting with particularly vulnerable patients or with other pathogens that have multiple means of transmission.
  • Modifying an employee’s duties to remove at-risk activities, such as direct patient contact.
  • Temporary or permanent transfers to other positions or work areas that do not contain the same risks to patient safety.
  • Providing alternative vaccines. For example, some employees might have religious objections based on the contents of a vaccine itself, such as its use of swine products or fetal cell lines. In some cases, it may be possible to provide an alternative vaccine from a different manufacturer that does not contain the objectionable ingredient.

Healthcare employers may have legitimate reasons for requiring employee vaccinations and may want to give thoughtful consideration to federal and state employment law protections, as well as the objective medical risks applicable to specific employee groups, healthcare settings, and patient populations, before imposing sweeping mandatory policies. Such organizations may consider reviewing their vaccination programs to avoid unnecessary exposure to discrimination claims.

© 2019, Ogletree, Deakins, Nash, Smoak & Stewart, P.C., All Rights Reserved.
For more vaccination legal considerations see the National Law Review Biotech, Food, Drug law page.

Incapacitated Woman Gave Birth in Arizona Nursing Home: Attorneys Seeking $45M from the State

Late last December, a nurse at Hacienda HealthCare in Arizona panicked and called 911 as a patient unexpectedly gave birth. The 29-year-old patient, who has been in a vegetative state since age 3, delivered a healthy baby boy. A police investigation concluded that one of her caregivers, a 32-year-old male nurse, raped the patient several times and fathered the child. The victim’s attorneys filed a $45 million notice of claim against the state of Arizona in late May.

After giving birth in the nursing home, the victim and baby were transferred to a nearby hospital. According to the hospital, the baby’s birth was “a repeat parous event,” meaning the victim had likely been pregnant before.

As a result of a near drowning experience in 1992, the victim is described as non-verbal and generally unresponsive. However, she does experience pain and can respond to her surroundings with a groan or a smile.

The staff full of medical professionals said they did not realize the woman was pregnant until a nurse went to change the victim and saw the baby’s head.

An anonymous former caregiver for the woman told ABC-15 she didn’t believe the pregnancy went undetected. “I can’t believe that somebody would bathe her daily for nine months and never know that she wasn’t having a period, that she [was] growing in her midsection, that nurses weren’t keeping track [of her weight],” the former caregiver said. “Those things are shocking to me.”

According to the notice of claim, the nursing home missed 83 opportunities to diagnose the pregnancy. The staff noted the patient’s abdomen was sticking out during 24 checks, and noted swollen legs and feet 12 times. A doctor saw the patient at least 10 times during her third trimester.

Hacienda HealthCare was entrusted to give the patient around-the-clock care. Not only did they overlook the signs of repeated sexual abuse the hospital reported, which allowed for it to continue, but they also failed to detect her pregnancy. The facility’s negligence caused the patient to go through her pregnancy without any proper care and in a state of malnutrition.

The complaint argues that the state of Arizona “cultivated circumstances” that enabled this misconduct and failed to monitor the long-term care facility.

There are many forms of abuse in nursing homes, to both younger and elderly patients. The long-term care facilities we trust with our loved ones are responsible for their safety and well-being.

 

COPYRIGHT © 2019, STARK & STARK
Article by Sherri Warfel of Stark & Stark.
For more on health care issues see the National Law Review Health Law & Managed Care page.

What You Should Know About Special Focus Facility Nursing Homes

The Center for Medicare Advocacy (CMA) recently issued a Special Report focusing on progressively ineffective enforcement actions against nursing-home facilities that have demonstrated a pattern of serious noncompliance with federal nursing-home care standards meant to ensure quality care and resident safety.

The report concludes that in addition to a noncompliant nursing home’s ability to mislead consumers about its quality of care by masking staffing levels and self-reporting quality-care measures to the federal government, penalties in the form of monetary fines—imposed on the most unsafe nursing homes—are declining, and thus, are likely ineffective in improving the care provided to residents.

In cooperation with state surveyors, the Centers for Medicare & Medicaid (CMS) regularly visits nursing homes to determine whether they are ensuring resident safety by complying with federal nursing-home care standards: The standards also determine whether nursing homes may participate in Medicare and Medicaid reimbursement programs. And while most nursing homes have some deficiencies, most of them correct those problems within a reasonable period of time. But for nursing homes with (1) a history of having twice the average number of deficiencies, (2) deficiencies resulting in serious quality and safety issues, and (3) those issues persisting over a long period of time, CMS identifies them as Special Focus Facilities (SFF) and subjects them to additional surveys and fines.

CMS attempts to notify the public about identified SFF’s by publishing a monthly report providing the status of SFF’s by grouping them into categories separated by the following Tables:

Table Category
A Newly Added
B Not Improved
C Improving
D Recently Graduated
E No Longer in Medicare and Medicaid

The report also contains the number months the nursing home has operated as SFF.

As of the most recent SFF Update, July 19, 2018, CMS identified or had identified the following New Jersey Nursing Homes as Special Focus Facilities:

Nursing Home Location Status Months as SFF
New Grove Manor East Orange Newly Added 4 months
Cooper River West Pennsauken Improving 12 months
Meadowview Nursing & Respiratory Care Williamstown Recently Graduated 15 months

CMS also attempts to notify the public about the quality of care provided by all Medicare- and Medicaid-certified nursing homes in the country through its Nursing Home Compare Five-Star Rating website. The star-rating system gives each nursing home a rating from 1 to 5 stars in three categories: (1) health inspections, (2) staffing, and (3) quality of resident care measures (collected on each patient). Based on those ratings, CMS also calculates an overall rating.

However, while all three categories help provide a snapshot of a nursing home’s quality, a New York Times article faulted the five-star rating system for being susceptible to manipulation, and thus capable of misleading the public. That is because CMS allowed nursing homes to self-report data for two of the three categories: staffing and quality of resident care measures.  Only the health inspections category provided an independent window into the quality of a nursing home, because CMS conducts the inspections onsite and reports the results of the inspections.

Healthcare professionals have traditionally viewed the level of staffing as indicative of the nursing home’s ability to provide quality care and ensure patient safety. But even after the 2015 revision to the 5-Star Rating System to, in part, improve the accuracy of reporting staffing levels, nursing homes have continued mask the erratic levels of individuals working from day to day.

So while an unsafe nursing home may report a high-quality star rating (4 or 5 stars) in staffing and quality care measures, the health inspections category provides a more accurate assessment of how well the nursing home protects residents from harm.

For example, as of July 30, 2018, the Nursing Home Compare website reports the following quality star ratings for New Grove Manor nursing home, listed above:

The CMS website shows that despite CMS (1) assigning a Much Below Averagerating (1 star) for health inspections, (2) assigning a Below Average rating (2 stars) for overall quality, and (3) identifying New Grove Manor as a Special Focus Facility—CMS permits New Grove Manor to report an Above Average rating (4 stars) for staffing levels and to self-report an Above Average rating (4 stars) for quality measures..

Moreover, the CMA Special Report suggests that despite the poor performance of the 18 Newly Added nursing homes in the SFF Update, July 19, 2018, enforcement actions against those nursing homes are relatively minor. The Special Report notes that when attributing the total amount fines ($992,325) to all 18 Newly Added facilities, covering the prior 3-years, the average fine per year for each SFF is $18,375. However, as the Special Report notes, CMS imposed fines on only 12 of the 18 nursing homes over the prior three years. Thus, for those 12 nursing homes, the average fine per year was merely $27,562.

 

COPYRIGHT © 2018, STARK & STARK
This post was written by Eric D. Dakhari of Stark & Stark Law Firm.

Telemedicine – Are There Increased Risks With Virtual Doctor Visits?

“Telemedicine” or “Telehealth” are the terms most often used when referring to clinical diagnosis and monitoring that is delivered by technology. Telemedicine encompasses healthcare provided via real time two-way video conferencing; file sharing, including transmission of health history, x-rays, films, or photos; remote patient monitoring; and consumer mobile health apps on smart phones, tablets, and devices that collect data and transmit it to a healthcare provider. Telemedicine is increasingly being used for everything from diagnosing common viruses to monitoring patients with serious long-term health issues.

The American Telemedicine Association reports that majority of hospitals now use some form of telemedicine. Two years ago, there were approximately 20 million telemedicine video consultations; that number is expected to increase to about 160 million by 2020. An estimated one-third of employer group plans already cover some type of telehealth.

Telemedicine implicates legal and regulatory issues as licensing, prescribing, credentialing, and cybersecurity. Pennsylvania recently passed legislation joining the Interstate Medical Licensing Compact, an agreement whereby licensed physicians can qualify to practice medicine across state lines within the Compact if they meet the eligibility requirements. The Compact enables physicians to obtain licenses to practice in multiple states, while strengthening public protection through the sharing of investigative and disciplinary information.

Federal and state laws and regulations may differ in their definitions and regulation of telemedicine. New Jersey recently passed legislation authorizing health care providers to engage in telemedicine and telehealth. The law establishes telemedicine practice standards, requirements for health care providers, and telehealth coverage requirements for various types of health insurance plans. Earlier this year, Texas became the last state to abolish the requirement that patient-physician relationships must first be established during an in-person patient/doctor visit before a telemedicine visit.

As telemedicine use increases, there will likely be an increase in related professional liability claims. One legal issue that arises in the context of telemedicine involves the standard of care that applies. The New Jersey statute states that the doctor is held to the same standard of care as applies to in-person settings. If that is not possible, the health care provider is required direct the patient to seek in-person care. However, the standard of care for telemedicine is neither clear nor uniform across the states.

Another issue that arises in the context of telemedicine is informed consent, especially in terms of communication, and keeping in mind that the Pennsylvania Supreme Court recently held that only the doctor, and not staff members, can obtain informed consent from patients. Miscommunication between a healthcare provider and patient is often an underlying cause of medical malpractice allegations in terms of whether informed consent was obtained.

In addition, equipment deficiencies or malfunctions can mask symptoms that would be evident during an in-person examination or result in the failure to transmit data accurately or timely, affecting the diagnosis or treatment of the patient.

Some of these issues will likely ultimately be addressed by legislative or regulatory bodies but others may end up in the courts. According to one medical malpractice insurer, claims relating to telemedicine have resulted from situations involving the remote reading of x-rays and fetal monitor strips by physicians, attempts to diagnose a patient via telemedicine, delays in treatment, and failure to order medication.

recent Pennsylvania case illustrates how telemedicine may also impact the way medical malpractice claims are treated in the courts. In Pennsylvania, a medical malpractice lawsuit must be filed in the county where the alleged malpractice occurred. Transferring venue back to Philadelphia County, the Superior Court in Pennsylvania found that alleged medical malpractice occurred in Philadelphia — where the physician and staff failed to timely transmit the physician’s interpretation of an infant’s echocardiogram to the hospital in another county where the infant was being treated.

The use of telemedicine will likely have wide-reaching implications for health care and health care law, including medical malpractice.

This post was written by Michael C. Ksiazek of STARK & STARK, COPYRIGHT ©
2017
For more Health Care legal analysis, go to The National Law Review 

Trump Administration Limits Affordable Care Act’s Contraceptive Coverage Mandate

On Friday October 6, 2017, the Trump administration released two interim final rules expanding the exemptions allowed under the Patient Protection and Affordable Care Act’s (the “ACA’s”) contraceptive coverage mandate. Under the ACA, employer group health plans generally are required to cover contraceptives, sterilization, and related patient education and counseling, with exemptions provided for religious houses of worship. The exemption was expanded by the Department of Health and Human Services (HHS) as a result of the Supreme Court’s decision in Burwell v. Hobby Lobby 34 S. Ct. 2751 (2014), which held health plans of closely held for-profit corporations are not required to cover contraceptives if doing so would contradict the owner’s religious beliefs under the Religious Freedom Restoration Act.

The interim final rules, released by the Treasury Department, Department of Labor (DOL), and HHS, are effective immediately and provide exemptions from the contraceptive coverage mandate to many employers with “sincerely held religious beliefs” or “sincerely held moral convictions”. The interim final rules limit the exemption for “sincerely held moral convictions” to houses of worship, tax-exempt entities, and closely held for-profit corporations, but permit publicly traded for-profit entities to use the exemption for “sincerely held religious beliefs.” According to the Trump administration, the United States has had a long history of providing protections in the regulation of health care for individuals and entities with objections based on religious beliefs or moral convictions. To take advantage of the new exemption, eligible employers must notify employees that they will no longer provide contraceptive coverage but need not inform the federal government. The Employee Retirement Income Security Act of 1974, as amended (ERISA) requires that a Summary of Material Modification (SMM) is provided within 60 days of a “material reduction” in covered services or benefits provided under a group health plan. A material reduction includes the elimination of benefits payable under a group health plan. According to an Obama administration report released last year, 55 million women have gained access to no-cost birth control as a result of the contraceptive coverage mandate. It is not clear how many entities may claim the exemptions, but HHS has predicted about 200 entities (affecting 120,000 women) may do so based on the number of entities that filed lawsuits.  Written comments on the interim final rules are due December 5, 2017.

This post was written by Cassandra Labbees of Epstein Becker & Green, P.C. All rights reserved., ©2017
For more legal analysis go to The National Law Review