THE HEALTHCARE industry never seems to be able to find a moment of calm. As one of the most highly politicized businesses in America, it’s subject to ever-evolving government regulations and is rife with complexity. On top of all that, the way that healthcare is being delivered is changing, and more players are entering the space in an attempt to take advantage of the opportunities available in a huge market. Just as healthcare leaders are being forced to adapt, so is insurance.
Few industries have as many serious risk exposures as healthcare, and insurance plays a crucial role in enabling healthcare organizations and providers to fulfill their roles without the fear of financial and professional ruin.
The need for cyber insurance has been the hot topic of 2017 across all industries, but it’s an issue healthcare has faced for some time. The sector has long been a target of hackers eager to get a hold of patients’ valuable personal information.
“The release of patient information through a cyber breach can cause so many problems, so there are myriad regulations at federal and state level that need to be coordinated,” says Thomas Hayden, Midwest healthcare practice leader at Willis Towers Watson. “Some health systems serve patients in multiple states, each of which has different regulations, so it can be tricky to address all of the regulatory issues in the aftermath of a cyber event.”
In an attempt to mitigate their cyber risks, healthcare organizations and systems are investing heavily in cybersecurity and implementing more advanced vetting systems for contracting work to third parties. Healthcare companies have recognized the importance of ensuring that any third party they employ is properly insured and can manage their own risk appropriately, because third-party contractors are often responsible for major breaches. Some healthcare policies offer cyber as an add-on, while other firms require healthcare organizations to buy a stand-alone policy, which, according to Hayden, causes some confusion.
“Our stand-alone products are proven to work, and most healthcare clients are buying stand-alone coverage,” he says, “but some other underwriters who specialize in property and medical malpractice are trying to demonstrate some added value by providing coverage.”
Medication mix-ups are another costly exposure for healthcare systems. Despite efforts to implement strategies to reduce errors, the human factor and the susceptibility of overworked employees to make mistakes means it’s difficult to see an end to these types of claims.
Just last month, 16 patients and their relatives filed a negligence suit against Pittsburgh’s Jefferson Hospital for the theft of Oxycodone by a pharmacy technician. The drug was intended for patients who were recovering from surgery or accidents, or had been diagnosed with late-stage cancer; it was replaced with pills that are ineffective in treating pain.
“[There was] at least a four-month period where patients in pain, who needed pain relief, did not get their pain relief and remained in pain,” said attorney Alan Perer. “It only came to light when a patient’s daughter looked at the pill that was being given by a nurse to her mother and said it did not look like an Oxycodone.” Fellow attorney Jennifer Webber added: “This isn’t something that the hospital discovered, and that’s what’s so upsetting about this.”
The pharmacy technician responsible for the crime has already pleaded guilty and been sentenced to six to 12 months in prison, plus three years of probation, but the suit looks to hold Jefferson Hospital to account for failing to prevent the Oxycodone theft.
As with every industry, technology is making its mark on healthcare and changing the way services are provided. In particular, the adoption of telemedicine – where technology is used to interface with patients and deliver medical services remotely – has increased significantly in recent years.
Telemedicine has proved to be an effective tool in providing care to patients who live in remote, rural communities or who may be unable to travel to a physical healthcare site. Telemedicine services can be provided over video chat and remote monitoring devices, and many big players in the tech space are developing and launching apps to optimize these services.
The rise of telemedicine has benefited both healthcare providers and their patients, but it is creating some new risk exposures. There has yet to be a string of claims directly related to telemedicine, but underwriters are observing cautiously as the technology advances at a rapid rate.
“To this point, telemedicine has only been used by licensed physicians to review patients, and the technology has not created a situation for a medical malpractice claim,” Hayden says. “The industry is also concerned about other cyber-related exposures that might crop up through telemedicine. For example, what would happen if a power outage occurred and a radiologist was unable to read a scan remotely? The technology is moving quickly, and we are waiting to see where and when it fails.”
The increased level of consolidation is also continuing to impact the healthcare space. Larger organizations are swallowing up smaller companies in an effort to gain market share – a trend that shows no signs of abating anytime soon. The insurance implications of an acquisition can be complex and, as with issues around cyber regulation, are often geographical. If a Chicago-based health system that has only operated within Illinois acquires an organization based in Michigan, for example, it will face a slew of risks.
“The potential exposures and market pressures could be completely different,” Hayden says, “so it’s important for the healthcare system to really focus on the unique risks of each geography.”
The recent $3.75 billion purchase of nonprofit Fidelis Care by private healthinsurer Centene is an example of the acquisition trend. According to Centene, the purchase will expand its governmentsponsored healthcare plan into New York, effectively giving Centene a leadership position in the country’s four largest managed care states by membership: California, Florida, New York and Texas.
As more health systems enter the health plan business, they are taking on risk that traditionally has been handled by health maintenance organizations [HMOs] and other plans. Although some health systems have experienced such risk through Medicare and Medicaid contracts, for some, it’s a new exposure. Errors created in the operation of a managed care plan are more akin to that of a fi nancial institution than a healthcare provider.
Similarly, there has been greater scrutiny of Medicare and Medicaid bills by the federal and state governments. “There is the potential for billing errors for those healthcare systems,” Hayden says. “If the federal government alleges that a healthcare system has over-billed or billed for too many procedures, there are all kinds of risks associated with that, including fi nes and penalties.”
Although it’s too early to tell how claims might be impacted by Medicaid reforms, Hayden has noticed a downward pressure on revenues in the healthcare sector, which could impact how organizations approach insurance. “Forward-thinking health systems are really looking at their tolerance for risk and the amount of risk to transfer,” Hayden says. “That might mean bigger self-insured retentions, higher limits or lower limits of liabilities. I think that using analytics to assess the tolerance of the organization is where this going.”