California penalizes hospitals for preventable errors, through the only program of its kind in the nation.  But the program has failed to make a significant difference in curbing mistakes, the Union Tribune reports.  UT reporter Paul Sisson has some excellent tips on how YOU can protect yourself when seeking medical care:

[View the full article]

“* ALTERNATIVES: Inquire about better alternatives to the procedure you’ve been recommended. Visit choosingwisely.org for information about which treatments may be unnecessary.

* HIGH VOLUME: Choose a hospital, whenever possible, that performs a high volume of the procedure you need to undergo. Studies show such places and physicians tend to have better outcomes for that procedure.

* VACCINATIONS: Verify that your vaccinations are up to date before you’re admitted to the hospital.

* CURRENT MEDICATIONS: Tell your doctor, nurse, pharmacist and anyone else involved in your care about what medications you’re taking. Arrive at the hospital with your full list of drugs and be honest about any other self-medication. That includes dietary supplements, vitamins, herbs and recreational drugs.

* ALLERGIC REACTIONS: List any medications you shouldn’t take because of reasons such as allergic reactions or other known adverse outcomes.

* LABELING: Make sure all medicines you receive in the hospital — including through syringes, tubes, bags and pill bottles — have labels. Don’t be afraid to read these labels to see if they match what your physician prescribed.

* HAND-WASHING: Ask caregivers to wash their hands before they tend to you, if they haven’t done so. Unwashed hands are a main way of spreading infection in hospitals.

* CHECKLISTS: Find out whether your surgeon uses a checklist for your operation. Research shows that such checklists, even simple ones that include steps for preventing infection, can significantly lessen the error rate.

* SURGERY SITE: Confirm with nurses, imaging technicians, anesthesiologists and your doctor that they have correctly identified the part of your body targeted for a procedure. For example, all of your caregivers should agree on which kidney, knee or arm is slated for surgery. One common step is for the surgeon to sign his/her name on the area targeted for surgery.

* CATHETERS: Request an update each day on when your central-line or urinary catheter can be removed. Studies show that catheters, a prime source of infection, are often left in place long after they’re no longer needed.

* BEFORE YOU LEAVE: Go over all medication instructions before leaving the hospital.

* ASK AWAY: Ask as many questions as you need. If you don’t understand something your caregivers are about to do, speak up. Doctors, nurses and others should take action based on your consent.”

0

There is an epidemic of cyber security breaches of consumer’s personal information- no doubt about it. At a fast and furious pace, cyber attacks on hospitals are seemingly coming from anywhere and everywhere. With each breach, hackers’ show increasing boldness and sophistication. Health systems have become a one-stop shop for cybercriminals who not only steal valuable credit card information, but also access even more lucrative confidential patient information. Unlike a credit card that can be cancelled, when personal health information is stolen, the stolen information is at risk of being used illicitly for the rest of the victim’s life because it contains valuable identifying information (such as social security number, birth date, employment record, family member medical history, genetic information and personal health history).

How much information is being stolen?  One recent example involves Banner Health. Over 3.7 million of Banner’s health plan members’ sensitive patient information and valuable payment card information was hijacked. Banner is only one of at least 13 reported health information data breaches that occurred in the single month of August, 2016. The numbers of patients’ personal information being hacked are staggering: For example, 655,000 Bon Secours patients were also exposed to a data breach within just days of the Banner breach.

The number of patient records violated by these recent breaches still pales in comparison to the potential number of overall health records that can be hacked in one fell swoop: In the largest healthcare breach to date, 80 million personal records were stolen from Anthem in 2013, occurring just shortly after the FBI warned that hackers are now targeting health care.

These health care providers are not alone: There have been four reported cyber-thefts of Kaiser Permanente members’ records in the last five years. Healthcare has taken the lead for the most frequently targeted industry for cyber attacks cyber attacks, (edging out even the banking industry.)

No one is immune: Every industry, person, company, and government is at risk for a cyber attack. Over half a billion personal records were stolen or lost in 2015, ransomware increased by 35%, and 9 mega-breaches occurred. Soberingly, most companies are still not reporting the full extent of their security breaches, likely due to commercial reasons. Cybercriminals function in a myriad of ways from infiltrating and paralyzing entire systems and holding them for ransom, to stealing personal data and selling it in an underground market. As economic and political opportunities continue to flourish around breached cybersecurity, so too have the opportunities in the healthcare setting.

What can a consumer whose information has been cyber-stolen do about it? For a long time, there was no remedy. Fortunately, times are changing and there are potential remedies available:

  1. California Medical Information Act

California has one of the more progressive state laws protecting consumers. California Medical Information Act (CMIA). California Civil Code Section 56 et seq. provides:

“No health care provider can disclose or release medical data about a patient without authorization.”

A $4.1 million dollar settlement was paid by Stanford Hospital after 20,000 patients’ bills with sensitive, private patient information was posted online.  The data was posted by Stanford’s business partner it contracted with for purposes of the patients’ emergency room bills.

Settlements under the CMIA are not always a “slam dunk” when cyber hacking of patient records occurs. The California Court of Appeals has attempted to limit liability under the CMIA in the following ways in order for a consumer to win under the CMIA :

     (a)     Disclosure of “individually identifiable information” has been required, such as the patient’s medical history, (such as mental or physical condition) or treatment. Eisenhower Medical Center v. Superior Court (Riverside County) 226 Cal.App.4th 430 (2014).

     (b)     Negligence. While some courts have required proof of negligence, the CMIA does not expressly require this. The California Supreme Court could well find that based on the legislative history, this is a strict liability statuteIn the mean time, negligence may not be difficult to prove. The U.S. Food and Drug Administration (FDA) has found that the most common causes of medical records being hacked include lax password distribution, disabled, weak and/or absent passwords, lack of updated security software and lack of encryption. Who can argue that such rookie moves in the handling of voluminous and sensitive patient information is not negligence? In fact, criminal recklessness comes to mind!

     (c)     Proof: Unauthorized person actually viewed the medical information: It is this proof that an unauthorized person actually viewed the information that has been most difficult for a consumer to establish.  For example, in Regents of the University of California v. Superior Court, 220 Cal. App.4th 549 (2013), a UCLA physician’s laptop containing thousands of patients’ electronic charts was stolen.  Because the patients couldn’t allege that the data was illegally “disclosed” after it was stolen, the case was kicked out. Left uncertain after the UCLA case was whether proof of disclosure was enough for a lawsuit to go forward. While the California Supreme Court has yet to rule on the issue, another Court of Appeal case holds that even disclosure alone isn’t sufficient: a plaintiff must prove that the “stolen medical information was actually viewed by an unauthorized person.” Sutter Health v The Superior Court of Sacramento County (Atkins), 227 Cal.App.4th 1546 (2014). The court held that mere possession of medical information or records by an unauthorized person was insufficient to establish a breach of confidentiality if the unauthorized person has not viewed the records.

All is not lost for consumers: There the California Supreme Court has yet to rule on these issue, and the California Supreme Court could well find that the legislative history imposed no such restrictions on recovery.  Further, as outlined below, federal lawsuits have eased requirements for similar lawsuits.

  1. Federal Class Actions

Recently, there have been pro-consumer decisions rendered by multiple federal Courts of Appeal in consumer class actions.

For example, in September, 2016, the United States Court of Appeals held in Galaria v. Nationwide Mutual Insurance Co. __F.3d. __ (6th Cir. 2016) that where a data breach targets personal information, a reasonable inference can be drawn that the hackers will use the victims’ data for the fraudulent purposes alleged in Plaintiffs’ complaints. The court reasoned that where Plaintiffs already know that they have lost control of their data, it would be unreasonable to expect Plaintiffs to wait for actual misuse—a fraudulent charge on a credit card, for example—before taking steps to ensure their own personal and financial security….Where the Plaintiffs allege they and  other putative class members must expend time and money to monitor their credit, check their bank statements, and modify their financial accounts, these costs are a concrete injury suffered to mitigate an imminent harm, and satisfy the injury requirement.

Similarly, the court in Remijas v. Neiman Marcus Group, LLC, 794 F.3d 688 (7th Cir. 2016) reasoned: “[w]hy else would hackers break into a store’s database and steal consumers’ private information? Presumably, the purpose of the hack is, sooner or later, to make a fraudulent charge or assume those consumers’ identities.”  This is consistent with the Court of Appeal’s rationale in Lewert v. P.F. Chang’s China Bistro, Inc., 819 F.3d 963 (7th Cir. 2016), where restaurant customers’ credit-card data was stolen in a data breach, because a “primary incentive” for a breach is to commit fraud.

Closer to home, the Ninth Circuit (which includes California) similarly found standing in Krottner v. Starbucks Corp., 628 F.3d 1139 (9th Cir. 2010), where employees brought suit after a thief stole a company laptop containing their personal information.

Not all federal Court of Appeals decisions are in favor of consumers on this point.  The Third Circuit reached a different conclusion in Reilly v. Ceridian Corp., 664 F.3d 38 (3d Cir. 2011). In Reilly, a hacker broke into a payroll processor’s network, but it was not clear “whether the hacker read, copied, or understood” the personal data stored on the system.  The plaintiffs whose data was in the system alleged an increased risk of identity theft, but the court concluded that the injuries were too speculative because there would be an injury only, “if the hacker read, copied, and understood the hacked information, and if the hacker attempts to use the information, and if he does so successfully.”  The Third Circuit also distinguished the case from data-breach cases where courts found standing: “Here, there is no evidence that the intrusion was intentional or malicious.”

The pro-consumer decisions in the federal courts may conceivably open the way for similar findings in class actions under the California statute, and the California statute provides for penalties of $1000 per person in addition to actual damages (such as costs associated with changing bank accounts, freezing credit etc.), and the defendant would have to pay all attorney’s fees.

Stay tuned as the state and federal courts scramble to keep up with the raging technological advances that allow cyber-thieves to remotely and repeatedly steal your most cherished private information with the click of a mouse.

If you or someone you know has had their personal medical information or other personal data stolen by a cyber attack in California, please contact us using the button at the bottom of this page, or call 619-238-8700.

0

DSC_0458In an article published August 19, 2016, the LA Times reports on the proliferation of “stem cell clinics” in America. The Times finds that the treatments – which generally consist of injecting patients with stem cells drawn from their own body fat – are expensive and unproven. The concern is that these treatments are marketed with heavy-handed tactics by some clinics to the most vulnerable in our society, those with degenerative, disabling or incurable diseases.  Clinics promise treatment or cures for patients’ ailments with no proof that the treatment is safe or effective, no FDA approval, and a price tag in the thousands, or tens of thousands of dollars.

The article quotes Mulligan, Banham & Findley founding partner, Jan Mulligan, on the firm’s current class action investigation into these clinics:

“Stem cell scientists include the best and the brightest doing great work, and I admire them…. At the other end of the scale, there’s snake oil.”

The article also draws from a recent “stem cell tourism” study by UC Davis stem cell scientist Paul Knoepfler, and bioethicist Leigh Turner of the University of Minnesota. Their study found 570 U.S. clinics now marketing these unproven stem cell interventions, with “hot spots” in Southern California, Phoenix, New York, San Antonio and Austin, Texas.

See the full LA Times article here.

Our firm continues to investigate this important issue, including claims of false advertising, violations of consumer protection statutes, fraud and misrepresentation by stem cell clinics.  If you feel you were harmed or misled by a stem cell clinic in California, please contact us using the button at the bottom of this page, or call 619-238-8700.  See this page for more information.

0

heading_departmentEight California hospitals were fined a total of $483,650 for serious issues in patient care, according to a report released Thursday.  The fines, levied by the California Department of Public Health, came after the Department’s investigations discovered non-compliance with licensing requirements which “caused, or was likely to cause, serious injury or death  to patients.” The fines ranged from $47,025 to $86,625 per hospital.

Administrative penalties are issued to hospitals under authority granted by California Health and Safety Code Section 1280.1. Newly adopted regulations allow the Department to assess an administrative penalty for incidents occurring on or after April 1, 2014, against a specified licensee for a deficiency constituting an “immediate jeopardy” violation up to a maximum of $75,000 for the first administrative penalty, up to $100,000 for the second, and up to $125,000 for the third and every subsequent violation within three years.

San Diego’s Vibra Hospital was among those fined.  Vibra was fined $47,025 in connection with a patient’s brain damage and death in 2014, attributed to staff ignoring signs and alarms that should have alerted them that a breathing ventilator had become disconnected, as reported by the San Diego Union Tribune.  A full report of the incident can be found on the Department of Public Health’s website.  The fine was noted as the hospital’s first “immediate jeopardy” administrative penalty since the program began. Vibra was also required to submit a “plan of correction” to California’s health regulators.

Licensing requirements exist to protect us from the increasingly consolidated, powerful, and for-profit medical industry.  As patient-advocates, and members of the community, we applaud these recent regulatory measures by the Department of Public Health.  At the same time, we question whether a $47,025 penalty for a preventable injury that ended a patient’s life sends a strong enough message of the value we place on patient safety.  Ultimately, it is not the amount of a single fine that will keep us safe. Safe care is brought about by long-term attention and support from consumers — and voters — for vigilant oversight of the medical industry.

0

In the spirit of thankfulness and as we approach the full gale of the holiday season, here are some true heroes to keep in mind: family caregivers. Some astounding figures according to AARP (American Association of Retired Persons):

  • 39.8 million Americans – 16.6 % of the population – are giving unpaid care to an adult.
  • If provided by paid workers, this care would cost $470 billion annually.
  • 18% of caregivers take care of two or more adults.
  • 13% of caregivers are assisting a friend or neighbor.
  • 2 million Americans care for their own adult children.
  • 40% of caregivers are men.
  • 7% of caregivers live more than two hours away from the person they help.

Just published for National Family Caregivers Month, November, 2015, here are some tips for respite: http://caregiveraction.org/national-family-caregivers-month.  “Respite” is relief or rest for the caregiver.  Giving a gift of respite to those who care for others is a wonderful way to show them they are appreciated and not forgotten.

Happy and Restful Holidays

0

With the coming of Breast Cancer Awareness Month in October, it’s a good time to talk about charity scams.   Our firm handles fraud actions in the healthcare context, and scams burn us up.    Do some research — know your donation dollars are going to actually support breast cancer research and programs.   As one site put it, “Think Before You Pink.”   This includes not just donating, but purchasing products which purport to give to breast cancer research.

Look for well-established charities, ones that are transparent about how funds are spent, and especially those that will disclose financial records.

My family recently decided to donate an older family car to the fight against breast cancer.  We found a site coming up first on internet searches.  A call to the site number had a representative saying suspicious things.  We did more research.  Good thing.  On further research, the charity appeared convoluted, difficult to track, and was criticized for not being reliable for charitable giving.  For example, it appeared that the charity took in $5.7M in revenues in 2013, but their expenses claimed were $5.65M.  The Form 990 on file with the IRS showed that very little money actually went to a true charitable purpose.   Do we know whether it was a trustworthy charity?  No, there was not enough out there to assure us, and plenty to raise red flags.   In the end, the car went not to them, but to a different charity with solid figures and accountability.

If you think the warm, fuzzy charity that is tugging at your heartstrings is worth your $$, make sure it can support its claims.   Try this link set up by the California Department of Justice: https://oag.ca.gov/charities.  Put the name of the charity to which you’d like to donate in their Charity Research Tool.   Be cautious if your charity does not appear, and do further research.   You also may want to take a look at this scary recent news clip:  http://www.cnn.com/2015/05/19/us/scam-charity-investigation/.  Bottom line:   Sadly, charity scammers are out there, and you’ve got to be vigilant so you don’t get “pinked in a wink.”

0

In what industry, other than health care, are consumers expected to make life-altering decisions about who to hire (for the most important job — their health) without the slightest idea what their services will cost?

CR-Health-II-California-Project-Logos-09-15A new website clears some of the fog surrounding health care value in California.  A tool on the site allows consumers to compare California hospitals and health care providers on both cost and quality. But health insurers may be making a play to render it useless.

The $3.9 million web tool was created through a partnership between the California Department of Insurance, UC San Francisco, Consumers Union (the publisher of Consumer Reports) and others.  It allows comparison of quality scores of health care providers with the amount they charge for their services.

Visit the website by clicking the pic above, or going to www.cahealthcarecompare.org.

This information, particularly the quality scores, is sorely needed by California consumers and is an excellent step forward.  Where the project falls flat for many consumers, however, is that it does not allow consumers to compare the net cost charged to them between different health insurance plans.  Due in part to the Affordable Care Act, a lot of us are insured, and that number is growing. According to the LA Times, health insurance companies have worked to block the inclusion of their rates in a comparable tool.  Instead, we are left with statewide averages, which can mask wide variations between insurance plans.

So, for many of us, the comparison is incomplete.  We can discover the rated quality of a provider, and the average price of the service… but not actual cost to ourselves or our insurer, or what it would be under a different plan. (Our insurer’s cost becomes very important in liability claims, because they demand their portion back!).  Detailed cost estimates from insurers can be found by clicking a button on the new website.  But only health plan members with an active policy can access that information — ensuring that no cost comparison can be made before buying a policy.

We applaud the new “CA Health Care Compare” website as an important first step in health care value transparency.  And we urge the Department of Insurance, Consumers Union and California consumers to keep the heat on insurers to pull back their curtain on pricing, so that the site might reach its full potential.

0

Cities and counties usually have broad immunities from lawsuits.  But, if a statute provides a basis, such as when a city allows a dangerous condition to exist on public property, there can be liability.

The California Supreme Court recently found that trees planted or maintained in a median can pose a foreseeable danger to drivers, and that a city can be liable, even in a case where another negligent driver causes a car to veer into the median and hit the tree.  The court found it was not necessary for the plaintiff to prove the trees caused the at-fault driver to operate his vehicle recklessly. The court held plaintiffs need only show the trees – in this case which were alleged to be too close to the road – were a proximate cause of the injuriesCordova v. City of Los Angeles.  August 13, 2015.

Tree cases are blooming of late.  In 2014, City of Pasadena v. Superior Court held that local agencies could be liable for inverse condemnation when a city-owned tree damaged in a windstorm fell and damaged private property.

Dangerous conditions of trees can lead to large verdicts, as seen in a suit filed in 2011 by a man who was rendered paraplegic after being crushed by a falling queen palm after the city canceled its tree-trimming program due to budget cuts.  Mission Hills resident Michael Burke, the plaintiff in that case, received a verdict of a reported $7.7M against the City of San Diego.  Press after the case focused on the need for inspection, monitoring and care of trees under government control, especially palms which have shallow root systems and topple more easily.

And lower trees blocking views can be just as bad a problem.  In March, 2015, a baby was killed and her father injured when her father pushed a stroller across an intersection at Catalina Blvd. and Canon Streets in Point Loma.   The motorist who hit them indicated a tree had blocked his view.  That palm tree has since been removed by the city.

Local agencies should be viewing these cases as a call to remove or trim trees before tragedies are repeated.  In some areas, untended brush impeding views may be the problem.  But, just as worrisome, drought conditions and water restrictions can weaken trees.  And, parched trees can and do fall.  http://www.usnews.com/news/science/news/articles/2015/07/31/amid-california-drought-fears-rise-of-trees-dying-falling

Homeowners and local entities responsible for public grounds should take heed of these new cases and the conditions increasing potential liability.

0