Health Information Compliance Alert

Enforcement News:

How Liability Insurers Try To Get Out Of Paying Your HIPAA Defense Costs

Plus: New regulations could be on the horizon for telemedicine.

If your company undergoes a HIPAA investigation, will your directors and officers insurance policy cover the costs? Maybe — or maybe not.

Drug-testing company Millennium Laboratories Inc. is facing just such a problem. The laboratory has sued its liability insurer Allied World Assurance Co. (AWAC) for attempting to get out of covering Millennium’s defense costs related to a HIPAA investigation by the U.S. Department of Justice (DOJ) that began in early 2012, Law360 reports

On May 23, Millennium and AWAC each filed motions for summary judgment. Millennium argued that AWAC should pay out its $5-million directors' and officers' insurance policy to cover the laboratory’s defense costs, Law360 explained. But AWAC stated that certain conditions and exclusions in the policy in the policy bar coverage for the HIPAA investigation, and even if not barred entirely the coverage would be subject to a $100,000 sublimit of liability.

Nevertheless, AWAC has already advanced the $100,000 to Millennium, which is supposed to cover claims for regulatory wrongful acts. But AWAC refuses to pay out the rest of the policy because it alleged that the DOJ investigation doesn’t qualify as a coverage “claim,” and that the coverage is barred because the laboratory had already been on notice of prior actions before the AWAC policy took effect, according to Law360.

The case is: Millennium Laboratories Inc. v. Allied World Assurance Company (U.S.) Inc., Case No. 3:12-cv-02280, U.S. District Court for the Southern District of California.

Brace Yourself For The Regulatory Future Of Telemedicine

If you’re a provider using telemedicine to treat patients across state lines, pay attention to these new regulatory recommendations from the State Medical Boards’ Appropriate Regulations of Telemedicine (SMART) Workgroup.

The SMART Workgroup recently issued a Model Policy for the Appropriate Use of Telemedicine Technologies in the Practice of Medicine, reported law firm Nixon Peabody LLP in a May 30 Privacy Alert analysis. The model policy provides guidance to state medical boards for regulating telemedicine technologies and educates providers in providing medical services to patients via telemedicine.

The model policy’s intent is to promote a uniform regulatory process that providers would face when practicing medicine via telemedicine technologies across state lines and for states to implement recommended standards of care, Nixon Peabody stated. You can view the model policy at www.fsmb.org/pdf/FSMB_Telemedicine_Policy.pdf

LabMD Continues Its Squabbles With The FTC

You might not expect your data security breach to get you into hot water with the Federal Trade Commission (FTC), but one healthcare entity has had to wrangle with the federal agency over just such a breach (see “Security Breach? Now You Must Worry About FTC Actions, Too,” HICA Vol. 14, No. 3). 

And if this case gives any indication of what could happen to other covered entities (CEs), you should beware that FTC will no sooner give up a breach case than a dog with a bone.

Despite LabMD’s tough fight against the FTC’s enforcement case, the CE lost its case charging the FTC with “abuse of power and regulation” over LabMD’s data security practices, reported attorney Linn Foster Freedman in a May 16 Nixon Peabody LLC blog posting. A Georgia federal judge shot down LabMD’s pleas to have the enforcement case against it transferred directly to the federal court, instead of continuing to battle through the FTC’s administrative process.

The Georgia court decided that, “due to procedural requirements, LabMD must exhaust its administrative remedies before the court will hear its case on the merits,” Freedman wrote. “The decision is a blow to LabMD, which must continue to fight the enforcement agency within the FTC’s administrative processes, particularly since LabMD has continually spoken out against the FTC and the enforcement action has been highly contentious.”

Next step: LabMD’s case will move forward before an administrative law judge for the FTC.