Three New Kinds of Liability Stalk Managed Care
HMOs and other managed care plans are increasingly subject to lawsuits, as lawyers realize that they make easy prey. But Mike Folio, a lawyer himself, has some tips for avoiding trouble.
Let's be honest. Litigating lawyers love loopholes, and managed care has gigantic loopholes that are leading to big-dollar cases. The plaintiff's bar worships Deep Throat's advice: "Follow the money." And because managed care emphasizes cost cutting and cost shifting, some lawyers seize on the economic incentives inherent in the system, finding ways to turn them back on their makers and on physicians, too, as evidence in liability suits on behalf of patients.
For some lawyers, the malpractice frenzy of the 1980s has evolved into the managed care feast of the '90s. Managed care shifts the balance of power, altering the face of malpractice, creating more and potentially deeper pockets, promoting litigation and creating new applications for dusty, decades-old doctrines that may imperil managed care itself.
In the past, breaching the standard of care meant malpractice. Simple enough. But managed care has added a second layer of liability, more meddlesome than simple malpractice, where cost-conscious health care decisions are engendering lawsuits.
And juries, suspicious of managed care, have awarded patients chests of cash. Health Net in California was stung by an $89 million verdict in 1993 for denial of cancer treatment. (Later negotiation changed the figure to an undisclosed amount.) In the same state, a Ventura County jury last year awarded a patient nearly $3 million from Simi Valley Family Practice Inc. for failing to refer the patient to a gastroenterologist.
A Georgia jury awarded the mother of a child $45 million from Kaiser Permanente after the child went into cardiac arrest while being taken to a hospital 42 miles away, where Kaiser had a discount, instead of a closer hospital where Kaiser had none.
There are countless other cases, perhaps not grabbing headlines, that are sending shock waves through the managed care community and attracting eager lawyers.
Not surprisingly, managed care is in for a tough legal tussle. Just as managed care is evolving, health law is maturing, though it is still unstable. It is churning more slowly than the rapid development of managed care's new configurations. But the trends are clear. Litigating lawyers have declared a war on managed care, salivating at the big three of this budding breed of liability — corporate networks, credentialing and utilization review.
The more complex the corporate network and the more elaborate its contracting relationships become, the easier the litigating lawyer's job will be to parlay bad results, even if not malpractice, into major cases. Once-voguish claims of failing to diagnose or making a small slip of the scalpel have been pushed aside by claims alleging denial of treatment, failure to inform patients of potential treatments and failure to refer patients to specialists.
In the past, with doctors in private practice or simple partnerships, it was easy to identify medical mishaps and potential targets. Now, health maintenance organizations, independent practice associations (IPAs), physician-hospital organizations (PHOs) and integrated delivery systems (IDSs), coupled with the combination of health care financing and delivery into one corporate entity, have created a rich menu of defendants. To lawyers representing patients, decisions regarding paying for care are inseparable from decisions about providing care, and when one corporation has a role in determining both, there is an inevitable conflict that opens up a managed care litigation loophole.
Managed care organizations will continue to be attacked as they finance the care that they provide or contract for the care others provide to their members. While some managed care organizations may not practice medicine directly, they make the business decisions that dictate medical practice. In the law, this may create an "apparent" or "ostensible" agency relationship whereby managed care organizations have control, however tenuous, over a doctor's discretion, much as a boss has control over an employee. And, as a rule, more control means more liability exposure for the managed care organization and more lawsuits.
The picture is not totally black. Managed care organizations and physicians may have some legal immunity. Employer-sponsored plans provide health care coverage for most Americans. Fortunately for managed care organizations and physicians, employer-provided plans constitute employee benefit plans under the federal Employee Retirement Income Security Act (ERISA). Although it was enacted to curb corporate pension raiding, ERISA is managed care's best friend. It preempts, or precludes, state tort remedies for claims arising under employee benefit plans, perhaps barring big-ticket negligence and punitive damages claims.
Here's how ERISA works. Suppose the employer-sponsored point-of-service plan is sued for denying coverage. Because the POS plan is an employer-sponsored ERISA plan, the claim may be barred. Also, the claim may have to be litigated before a federal judge and not a jury in a state court where rhetoric about balance sheets prevailing over patient needs may have more effect.
Other managed care organizations may have even stronger liability shields. HMOs with IPA staffing and managed care organizations that don't directly employ or control doctors may brandish the "corporate practice of medicine" doctrine. "Wait a minute," they can reply when sued. "We don't practice medicine. We didn't provide the care. We can't be negligent. Sue the doctor." The doctrine may preclude direct suits against these managed care organizations because they may be nothing more than an administrator and payer for services, much like an insurer reimbursing a physician for treating an insured person under the traditional fee-for-service system.
But these shields will not insulate managed care organizations from suits by their own doctors. Some physicians, caught in managed care's cross hairs over upholding the managed care organization's denial of care, have seized what defense attorneys call the "MCO made me do it" defense. Doctors, sued for denial of treatment, may argue that if malpractice was committed, it arose because the managed care organization refused to approve the care. The physician may in turn sue the managed care organization, showing that he recommended the treatment to the managed care organization, the organization ignored the doctor's advice, and the physician was required by the managed care organization contract to follow the organization's decision.
This defense is not a panacea, though. A physician's duty to provide necessary care is inescapable and the managed care organization's denial of treatment may not excuse the doctor's failure to render the care. But this defense, like managed care liability, is evolving, and its boundaries will be established in time.
Check those credentials
The second burgeoning area of managed care liability is credentialing. Often ignored, it's like that annoying stone in your shoe — it's tiny, but it's painful. And in managed care this pebble can seem like a boulder.
"It's a bunch of red tape," doctors often grumble. "I'm already credentialed by City Hospital. Just look at City Hospital's file."
The managed care organization, knowing its physician contract contains an indemnification clause and eager to cut administrative costs and please the physician, may agree. The indemnification clause puts the physician on the hook and not the managed care plan, the plan's managers reason.
Dead wrong. The organization's failure to do its own credentialing creates a litigation loophole. Suppose the physician commits malpractice and the patient sues. The patient's attorney, heeding litigation's golden rule — look for all deep pockets — sees the indemnification clause, then digs deeper and sees that the managed care organization did no credentialing, relying on City Hospital's credentialing.
Now, the physician and the managed care organization are each on the hook. The organization's failure to inspect credentials exposes it to liability separate from the physician's malpractice. It has a duty to ensure that competent physicians render care to its enrollees, and its failure to screen the physician, the plaintiff's' lawyer will say, allowed an "incompetent" physician to provide care. The managed care organization may be negligent or its conduct may be a breach of the managed care plan-member contract or of the fiduciary duty the plan owes the member.
Even worse, if the managed care organization's advertising materials extol its physicians as "skilled," "qualified" or the like, it may be guilty of misrepresentation, potentially exposing itself to punitive damages or even regulatory sanction or license revocation.
But what about the indemnification clause, an HMO's security blanket?
It doesn't apply. The managed care organization committed its own misconduct and the clause only insulates it from the physician's misdeeds. It is then left to explain why it didn't credential the negligent physician, fighting the plaintiff attorney's contention that the managed care organization let administrative cost cutting prevail over the necessity of weeding out an "incompetent" physician.
Credentialing is tricky. Managed care organizations are damned if they do and damned if they don't. Some farm out their credentialing activities, thinking it will absolve them from credentialing liability. Wrong again. The final decision always rests with the managed care organization and it cannot escape liability through a farm-out.
Of course, if the credentialing contractor agrees to indemnify the managed care plan, the plan may look to the contractor if it is found liable for the contractor's negligence. On the other hand, if the managed care organization is found liable for negligently selecting the contractor — that is, the contractor was incompetent or conducted the credentialing in an unskillful manner — the managed care organization may have no basis to get relief from the contractor.
Given these risks, managed care organizations should do their own credentialing. If the organization can show that the physician's record was clean when he was credentialed and until the mishap, there's a reasonable chance that a sympathetic judge will dismiss the lawsuit against the managed care organization.
If the organization insists on farming out its credentialing work, the contract should address application forms, confidentiality, professional liability insurance, verification requirements, the credentialing staff's minimum qualifications and similar issues. A comprehensive, tightly worded contract may give the managed care organization a legal cushion to seek relief from the credentialing contractor if a credentialed physician commits malpractice.
Aside from a managed care organization's credentialing liability to its members and patients, it may be stung by its own providers. Cost cutting requires managed care organizations to sign up cost-conscious physicians, ultimately dismissing doctors who ignore the bottom line. The old hospital-doctor privilege disputes over due process and medical staff bylaws have to a large extent been supplanted by complex fights over federal and state anti-discrimination laws, "any willing provider" acts, tortious interference with contract and antitrust issues.
Perhaps the most legally lethal dispute could be over economic credentialing — denial of privileges because the physician might cause the managed care organization economic harm by ordering too many tests or by failing to treat enough patients efficiently.
Credentialing based on exclusive contracts, closed staffs and expansive economic criteria may trigger antitrust concerns, potentially constituting illegal group boycotts or monopolization that violates federal and state antitrust laws. Economic credentialing criteria typically require review by an antitrust expert.
In late August, the Federal Trade Commission issued new Statements of Antitrust Enforcement Policy in Health Care, replacing statements issued in 1993. The new statements recognize so-called antitrust "safety zones" and "further emphasize that networks falling outside the safety zones may be lawful." They also contain a comprehensive analysis of risk sharing to identify networks that might run afoul of federal antitrust law.
Another emerging theory that dismissed doctors are using to sue managed care organizations is breach of the implied covenant of good faith and fair dealing. The implied covenant requires parties to a contract to deal fairly with each other.
In one case, a doctor denied renewal after being on the panel for 10 years was allowed to sue the HMO for breach of the covenant. The decision may establish a precedent that effectively nullifies a contract's no-cause termination clause and enshrines some amorphous right to continued empanelment for physicians with longstanding HMO relationships.
Credentialing is a deep layer of liability that lawyers will use to test the limits of cost-conscious medicine. Like managed care liability generally, credentialing liability is gaining a foothold in law and its popularity is growing among plaintiff's attorneys.
UR: solution and problem
Suits related to corporate networks and credentialing are serious matters, but perhaps the biggest managed care liability threat rests with utilization review. Undeniably, utilization review is managed care's lifeblood, reigning in costs by restricting treatment. But litigation's war is being waged not so much over UR itself but how it is being implemented.
Contracts typically give doctors authority to exercise medical discretion within the contract's parameters. But litigating lawyers contend — and juries are finding — that these contracts cloud a doctor's judgment and control a doctor's practice through, for example, authorization procedures, capitation, withholds, incentive bonuses and the like. Patients in turn are seen to be held hostage to the managed care organization's cost-cutting. As one court has said, UR activities cannot be "permitted to corrupt medical judgment."
Here's a common example. Suppose the managed care organization provides no direct medical services. It merely signs up members and pays for its members' services. Physicians provide services through a contract with the managed care organization. The contract is a capitation agreement that sets up a withhold or provides a bonus for limiting care. The patient requests treatment, the organization rejects the request, the doctor doesn't provide the treatment for that reason, and the patient is injured or dies.
In years past, under the "corporate practice of medicine" doctrine, the managed care organization could escape liability. The doctor failed to provide the care, not the managed care organization, and the doctor was solely liable. But not any more. Lawyers are hailing managed care organizations into court because capitation contracts permit those organizations to control doctors' discretion. How so? The doctor must honor the contract. The organization, under the contract, rejected the proposed treatment. The doctor, under the contract, may only provide care authorized by the managed care organization. Because the organization denied the care and because the doctor fulfilled his duty under the contract, the organization controlled the doctor's discretion, rendering itself the physician's "ostensible" or "apparent" agent and making itself vicariously liable for the injury or death.
A subcategory of utilization review liability involves telephone triage in which, typically, nurses field calls, advising members where to go or what to do for an illness. Without established protocols, nurses' advice may vary among patients with identical symptoms, resulting in disparate treatment of members that, if combined with bad results, could result in a lawsuit for negligent triage.
Telephone triage may also result in nurses dispensing advice that exceeds their license, inviting a lawsuit and regulatory sanctions against the nurse and the managed care organization.
Managed care organizations may adopt safeguards to minimize UR liability exposure. Competent and trained reviewers are absolutely necessary. In states that have no utilization review statutes, persons without a medical background should not do any screening. Managed care organizations should give employees UR competency tests. If a plan decides to farm out utilization review activities, the contract must establish nondiscretionary guidelines and credentials for the reviewers.
Every request, denial and reason for denial of treatment should be documented, and appropriate disclaimers should be printed in bold type on all contracts and handbooks.
While these and other steps can insulate managed care organizations from liability, litigating lawyers will continue to be lured to managed care lawsuits. Vast sums are at stake, and the responses that managed care organizations make to these cases will have great influence on managed care's future.
Mike Folio is a health care lawyer with the Charleston, W.Va., firm of Lewis, Friedberg, Glasser, Casey & Rollins.