The Current Fate of Lawsuits Against HMOs
Both federal and state courts have been reviewing a wide variety
of claims against health maintenance organizations ("HMOs"). Some are successful
claims; others are not. State legislatures are also considering measures to
allow lawsuits against HMOs for failing to make medical treatment decisions
based solely on the exclusive interests of their members. As illustrated below,
the courts, as well as state governments, are beginning to narrow the legal
theories under which claims against HMOs may be made.
On June 12, 2000,
the United States Supreme Court unanimously rejected an ERISA breach of
fiduciary duty claim against an HMO in PEGRAM
v. HERDRICH . The issue before the high court was whether
the HMO had breached its fiduciary duty to its members because a physician-owner
of the HMO based a member’s course of treatment on her own financial interest
rather than the exclusive interest of the member. The Court held that the HMO
was not acting as fiduciary as defined under ERISA, but rather that the
physician-owner’s mixed eligibility and treatment decision was guided by the
primary purpose of any HMO – rationing care and limiting expenses.
In May of this year, an Illinois Supreme Court upheld a member’s malpractice claim against an HMO. The member sued the HMO for its negligence in "over-assigning" patients to a participating physician (the physician was assigned 4,500 patients by the HMO). The physician failed to respond to the member’s request for treatment because he became overwhelmed with his patient load.
The court stated that because HMOs have an expansive role in providing comprehensive health services to their members, they, like hospitals, must conform to the legal standard of reasonable conduct in fulfilling that role. Since the HMO was actively soliciting members at the same time it lacked participating physicians to treat these members, the court easily inferred that the physician’s failure to see the patient resulted from the HMOs over-assignment of patients. To view this decision, click on http://www.state.il.us/court/2000/86830.htm.
And recently, Oklahoma joined Texas, Georgia, California, Arizona
and Washington in allowing lawsuits against HMOs. The Oklahoma bill, like the
other state laws, permits members to sue their HMOs for failure to exercise
ordinary care in making treatment decisions. Each state enacting such
legislation requires the member to exhaust his or her appeals and review
processes before bringing a cause of action against the HMO. Opponents to these
laws fear that employers will discontinue health insurance plans because of the
increased costs resulting from such litigation. It is too soon to determine
whether these fears will become reality.
New York HMO May Be
Liable
For Employee’s Breach of Patient Confidentiality
Outside of the
Workplace
A New York appellate court has permitted a member ("Doe") of a health maintenance organization ("HMO") to proceed against the HMO for its employee’s breach of patient confidentiality while at a private party. The employee, an HMO records clerk, came across Doe’s confidential medical information while working. The employee recognized Doe as her sister’s co-worker. Later, while attending a party, the employee revealed to Doe’s co-workers that she had sought treatment from a psychiatric social worker for the breakup of a same-sex relationship.
The trial court dismissed Doe’s claims against the HMO, finding that the alleged disclosure occurred outside the scope of employment. The appellate division, however, stated that the HMO can only act through its agents and employees, and if it could not be held accountable the obligation to keep patient records confidential would be pointless.
Attorneys for the HMO believe that the court is creating "new law"
by permitting this claim to proceed. They fear that employers will now be
strictly liable for confidences revealed by employees outside the workplace. On
the other hand, attorneys for Doe believe that the HMO and its employees owe a
duty to its members to maintain patient confidentiality twenty-four hours a day,
seven days a week. It is likely that the HMO will appeal to the New York Court
of Appeals for a final determination on this issue.
IPAs Struggling With Texas HealthCare Companies
Humana Health Plans of Texas filed a lawsuit seeking injunctive relief when 19 Texas Independent Practice Associations ("IPAs") threatened to terminate their agreements with the healthcare company because Humana owed them approximately $10 million. The Texas District Court issued a temporary injunction against the IPAs causing 14 of the 19 IPAs to agree to binding arbitration to settle their differences with Humana. It is expected that the other 5 groups will also agree to the arbitration if a settlement is not reached before the temporary injunction expires.
In the meantime, Aetna has reached an agreement with the Texas
Attorney General in an effort to pacify its Texas providers after the former
Attorney General filed a lawsuit against Aetna and five other HMOs in 1998. The
lawsuit accuses Aetna and the other HMOs of illegally compensating doctors for
limiting patients’ medical care and penalizing those who did not. In an April
24, 2000 letter to the Attorney General, the National IPA Coalition expressed
its concerns regarding the numerous loopholes, ambiguous language and a lack of
future oversight in the Aetna agreement. Further, the settlement agreement lacks
any imposed fines, penalties or admissions of guilt on Aetna’s part, which the
National IPA Coalition says, illustrates a lack of balance in the
industry.
The OIG Issues A Draft
Compliance Program
For Individual and Small Group Physician Practices
On June 12, 2000, the Department of Health and Human Services, Office of the Inspector General ("OIG") issued a draft Compliance Program for individual and small group physician practices in an effort to invoke the private health community’s assistance in combating fraud and abuse. The OIG has determined that there are seven key elements necessary for an effective compliance program. These seven elements, which are contained in the draft Compliance Program, consist of:
-
Implementing written policies;
-
Designating a compliance officer/contact;
-
Conducting comprehensive training and education;
-
Developing accessible lines of communication;
-
Conducting internal monitoring and auditing;
-
Enforcing standards through well-publicized disciplinary guidelines; and
-
Responding promptly to detected offenses and undertaking corrective action.
The OIG has requested comments on the draft Compliance Program. Comments are due by 5:00 p.m. on July 27, 2000. See http://frwebgate1.access.gpo.gov/cgi-bin/waisgate.cgi?WAISdocID=2731424137+0+0+0&WAISaction=retrieve or Monday, June 12, 2000 Federal Register, Vol. 65, No. 113.
Getting a Headstart on
Complying With the Soon to be Released
Final HIPAA Privacy Requirements
The Secretary of Health is expected to release final privacy regulations under the Health Insurance Portability and Accountability Act ("HIPAA") by year’s end. Those entities required to comply with HIPAA’s electronic privacy and confidentiality standards must develop and implement various forms of protection to guard against the wrongful disclosure of patients’ protected health information. Thus, health care plans, providers, and clearinghouses (defined in the proposed regulations as "Covered Entities") will have two years from the date the regulations become final to comply with these standards.
Since the proposed regulations were released in November 1999, there has been a great deal of debate about the complexity of the regulations and the Covered Entities’ abilities to comply with these standards in an efficient, cost-effective manner within the timeframe posed. Not only will the Covered Entities be required to implement internal confidentiality policies, electronic privacy compliance programs and install software protections to safeguard electronic communications, but a Covered Entity must also require its third party vendors and consultants ("referred to in the regulations as "Business Partners") to execute "business partner agreements" to ensure that the Business Partners will comply with Covered Entities privacy policies.
To ensure that your entity will be able to meet the regulatory deadline, it is recommended that you begin planning how your entity intends to comply with these requirements. We suggest that you also begin formulating the business partner agreements to be executed by the Business Partners with whom you currently exchange patient information. Under the proposed regulations, the business partner agreement must contain certain elements such as a third-party beneficiary clause, which will permit a patient to assert a private right of action against you, the Covered Entity, and your Business Partner should the patient’s protected health information be wrongfully disclosed.
To obtain more information about "business partner agreements" and the proposed HIPAA regulations, please contact one of our Health Law Attorneys at (716) 849-8900.