Healthcare Technology Management 844-4-RENOVO

YOUR PATIENTS RELY ON YOU
YOU RELY ON RENOVO

Healthcare technology Management

It’s not just something we do, it’s ALL we do.

Board Responsibilities & Liabilities

September 27, 2022, 3:14 AM

Volume 1, November 2022
by Al Rottkamp, MBA, MS, CRISC, SSCP, ITIL4, CLSSGB, CBET

Caremark, a Delaware corporation was created in November 1992 when it was spun-off from Baxter International, Inc. and became a separate publicly held company. As noted in court documents, Caremark business practices pre-dated the spin-off. During the relevant period Caremark engaged in two main health care business segments: providing patient care and managed care services.

Compensating a referring physician would be in violation of the Anti-Referral Payments Law (ARPL). In 1991, the Department of Health and Human Services (DHS), and the Department of Justice (DOJ) began investigating potential violations. In 1992, the company began new policies and procedures to discern any potential violations. Inside and outside counsel had advised Caremark’s directors that their contracts were in accordance with the law, however Caremark recognized some interpretation uncertainty.

In 1994, the Department of Justice indicted Caremark for violating the Anti-Referral Payments Law. One major issue was whether the Board exercised an appropriate level of oversight to the possibility of ARPL violations.

The shareholders of Caremark alleged that the company’s directors, neglected to utilize sufficient internal control systems, and therefore breached their duty of care. Due to this neglect, Caremark employees were able to commit criminal ARPL offenses.

Investigations indicated there was no evidence the directors knew there were any ARPL violations, and there was no systemic failure to exercise oversight.

The settlement included a guilty plea to a single count of mail fraud by the corporation, the payment of a criminal fine and the payment of substantial civil damages; in total, Caremark paid out over $250 million. In consideration for company cooperation with federal investigations on matters relating to an OIG investigation, the government agreed to negotiate a settlement that would permit Caremark to continue participating in Medicare and Medicaid programs, a major source of their revenue.

The Court’s 1996 Caremark decision established a legal framework for holding directors personally liable for breaching the duty of loyalty when a director fails to ‘appropriately monitor and supervise the enterprise.’ Under this decision, directors may be liable in two distinct contexts: 1) A board decision that results in a loss because that decision was ill advised or negligent, or 2) An unconsidered failure of the board to act in circumstances in which due attention would have prevented the loss.

For liability to attach under the Caremark theory, the board must have failed to provide any reasonable oversight in a sustained and systematic fashion, or the information reporting system on which the board relied must be deemed a total failure. Both are high standards.

Two recent court rulings, re Clovis Oncology and re Marchand v. Barnhill, indicate courts may be extending a corporate board’s duty to monitor even further. Although these two decisions did not involve healthcare organizations, they should review their risk assessment programs as the Caremark standards have been lowered and extended. Healthcare directors may be at an increased risk of shareholder lawsuits and personal liability.

The concept could be extended into nonprofit healthcare organizations without shareholders. Bondholders and donators could sue if their investments are damaged. State Attorneys General could sue under a charitable doctrine authority and thereby adopt a shareholder posture.

The courts are making it clear that boards must actively monitor compliance; a lack of action can be a basis of a failure of the duty of oversight, a failure to assure that a reasonable information reporting system is utilized maybe considered an act of bad faith or breach of a duty.

Healthcare organizations should utilize risk-monitoring systems to ensure patient safety. Recent decisions indicate the courts endorse a general risk and compliance oversight committee that reviews policies, procedures, protocols, and documented metrics on a regular basis. A lack of, or poor documentation will weaken your defense.

RENOVO SOLUTIONS

Renovo Solutions manages the entire medical technology asset life cycle, from procurement to disposal.

Our engineering staff maintain, service and calibrate medical devices from basic vital signs monitors to state of the art imaging.

We work with manufacturers and your clinical, technical, and financial departments to maintain optimum patient flow during purchases, reallocation, repairs, operating system upgrades and disaster recovery.

RENOVOSECURE offers an array of programs, from advisory services to on-site engineers and virtual CISO’s, that plan, implement, and monitor a reasonable cybersecurity framework utilizing CIS Controls and NIST best practices. A reasonable cybersecurity framework is becoming a legal compliance requirement at the federal and state levels.

Renovo staff can function as independent internal or external auditors and accessors providing the board a level of visibility, not previously provided. Our program correlates IT risk metrics to patient care and financial risk in relevant terms. Additionally, the external audit can provide an independent review for cybersecurity insurance premium reduction.

Plan now to achieve your mission with reduced personal and corporate cybersecurity liability.

DISCLAIMER: This article is for awareness and not to be considered a legal opinion or legal advice. Consult proper counsel.

 

Article References:

In re Caremark Intern. Inc. Derivative Litigation | Case Brief for Law Students (casebriefs.com)
Potential Board Liability for Cybersecurity Failures Under Caremark Law – CPO Magazine
In re Caremark Int’l | Case Brief for Law School | LexisNexis
Caremark: Even the Highest Standard Can Be Met | Corporate Compliance Insights
In re Caremark Intern, Inc. Derivative Litigation:: 1996 :: Delaware Court of Chancery Decisions :: Delaware Case Law :: Delaware Law :: US Law :: Justyna
In re Caremark International, Inc. Derivative Litigation/Opinion of the Court – Wikisource, the free online library
Boards of Directors on Notice with Recent Caremark Decisions | 2020-02-19 | Relias Media – Continuing Medical Education Publishing
The Caremark Standard and the Business Judgment Rule (diligent.com)
In re Caremark Intern. Inc. Derivative Litigation | Case Brief for Law Students (casebriefs.com)