HIPAA Blog

[ Friday, July 17, 2009 ]

Healthcare reform: A nice synopsis of the house bill.

Healthcare Reform: Only an idiot would think you can cut healthcare spending by spending more on healthcare.

Healthcare Reform: If you want competition, get the government out of healthcare, not further into it.

Business Associates: Dom Nicastro has some good tips for getting your business associates to focus on complying with HIPAA, now that HITECH has made them directly responsible for it.

Jeff [9:42 AM]

[ Thursday, July 16, 2009 ]

California Snoopin' results in $187,500 fine. I think this is the Octomom case.

Hat tip: Clark Stanton

UPDATE: Same hospital, different breach. They paid $250,000 for the Octomom snooping, but there were some other snooping incidents at about the same time, which were part of a different investigation.

Jeff [4:27 PM]

Health Reform = Health Rationing: Peter Singer has finally said it. I'm glad someone has, because this part of the conversation must be had. So far, it's all Santa Claus and the Easter Bunny: people ought to have healthcare for free (hey, apparently it's a "right"!), but instead of talking about how we're going to pay for it, let's talk about how we're paying too much right now! Singer's question is apt, but it assumes that the government, rather than private individuals, make that choice. If Bill Gates wants to spend $1 billion of his own money to extend his life a year, shouldn't he get to do so?

However, I believe that this conversation is too painful for Americans, and will kill healthcare reform. Why? Because this is the first reaction. Pretty funny and well done, actually.

Jeff [10:16 AM]

Social Media and Healthcare Marketing: Gienna Shaw talks about getting management buy-in.

Jeff [9:48 AM]

Qui bono? Interesting blog post over on InformationWeek about the tension between IT providers and patients over the push toward electronic billing records. I note it because the blogger notes, damningly, the question, "who will profit from digital medical records?" I know there are plenty of people occupying the corriders of power who want us to be in some sort of neo-Marxist paradise, but ain't nobody gonna do nothing for free. If EMRs, EHRs, and other personal digital health records are a good thing (and everyone tells us that they are not only good, but necessary), and we want them, we cannot expect to have them unless we pay for them, and we cannot expect anyone to provide them if they can't profit from doing so.

Who profits? As with any other exchange of goods and services in a free market, both sides. Those giving it away from free are either charitable donors or slaves, neither of which is a reasonable economic model for getting the goods and services you want.

Jeff [9:23 AM]

[ Wednesday, July 15, 2009 ]

Do state privacy laws deter EMR adoption? Are physicians and hospitals less likely to adopt electronic medical record technology due to the existence in their state of stricter privacy laws? Apparently, says this study.

Jeff [11:56 AM]

[ Tuesday, July 14, 2009 ]

OT: More Healthcare Reform news. If the problem is that we pay too much for healthcare, why do all the proposed health reform bills cost money, rather than save money?

This is why there will be no health reform this year.

See this, too. Especially see the last page: primary care physicians can't afford to live in NYC. Those guys, who Steve Pearlstein thinks make too much money, can't afford to live in NY or LA. Think about that.

Jeff [9:11 AM]

[ Monday, July 13, 2009 ]

Dr. Dappen Leaves Medicare: The story of one doctor's decision to leave Medicare. I'm sure Steve Pearlstein thinks he's a greedy bastard. This happens when the hassles of the system aren't worth the cost. If the doctor is good enough, he doesn't need Medicare, so he'll abandon it. And if Medicare gets worse, cheaper, harder to deal with, there will be more doctors doing this. So, the good leave, which leaves the rest. You get what you pay for. . . .

Jeff [12:03 AM]

[ Friday, July 10, 2009 ]

OT: Setting the table for my healthcare reform post. Oh, the number of people who ask me what I think about healthcare reform. What will happen? What should happen? Will this or that work? I don't know what will or won't work, but I have a pretty good idea of why things won't work, or won't work the way people think they will. Mostly, it is on account of two things: (i) the law of unintended consequences, and (ii) the failure to understand why things are the way they are, rather than just focusing the fact that things are the way they are. But that, especially number (ii), needs some set-up. Perhaps lots of it. That's why I've failed to post my missive on healthcare reform (that, and the fact that I'm unseasonably busy). But I will, soon.

In the meantime, trying to clear out some of the periodicals from my inbox, I saw a handful of items today that do a good job of illustrating these problems. First, I saw a letter written by an older lawyer (he went to law school on the GI bill after WWII) to the editors of the Texas Bar Journal, taking issue with a statement by the State Bar President in a prior issue. The President wrote, "At their best moment, all lawyers decided to go to law school because they thought they could help people." The older lawyer's objection: he went to law school to help himself by making money, thereby helping the rest of society be ensuring he was productive and earned a living in the service of his clients. He didn't go to law school to "help people," but to earn money so he could help himself (and presumably his family). Of course, by helping himself and earning his keep, he could then buy food from the grocer, clothes from the tailor, a house from the homebuilder, etc. The bar president's position, that all people who go to law school do so to help others, is certainly not even a good approximation of the fact that things are the way they are, and certainly don't come close to showing why things are the way they are. Sorry to shatter anyone's dreams, but most people go to law school because it pays handsomely.

Next, I saw an editorial in the June 22 issue of Modern Healthcare. Actually, the page (page 24) is a trifecta of my point in (ii) above. First, the lead editorial, is head/subheadlined, "Cat's still in the bag . . . but things could get ugly if it gets out that revenue is prime motivator." The key graf is the final one: "If Americans ever fully realize that too much of the system is aimed first and foremost at maximizing revenue for a few rather than improving the welfare of the many, the streets of Washington might be as full as those of Teheran." The editorial is somewhat rambling, starting with an observation of the protests in Iran, through Obama's healthcare reform efforts and specifically his direct pitch to the AMA, to an observation on The New Yorker's issue on the cost of care in McAllen, Texas. Specifically, the editorial quotes the following from The New Yorker: "Somewhere in the US at this moment, a patient with chest pain, or a tumor, or a cough is seeing a doctor. And the damning question we have to ask is whether the doctor is set up to meet the needs of the patient, first and foremost, or to maximize revenue." Uh, can't the doctor do both? Can't the doctor provide the patient with a service, thereby earning revenue for himself? Do we worry that plumbers or car mechanics are set up to maximize their revenue rather than meeting the needs of those with leaky pipes or radiator hoses? And, while we're at it, if the doctor doesn't make sufficient revenue, there won't be a doctor there in the first place. Since McAllen is such a hotbed of physician revenue maximization, surely there's a glut of physicians in McAllen, right? Uh, no, there's not. The "what" may be more healthcare spending in McAllen, but if you think the "why" is simply physician greed (at the expense of the patient, as implied by the quote above), you're missing the point; and, you're not going to fix that "what" by simply reducing physician compensation, certainly not without some unintended consequences.

Next, on the same page, a quote from Steve Pearlstein of the Washington Post:

"Docs seem to take it as a given that physicians in the United States should
earn twice as much as doctors in the rest of the world -- and five times more
than their patients. . . . Doctors are competent, hard-working professionals
trapped in a flawed system. . . . That system is no longer viable --
economically, politically, morally. The choice for doctors now is quite
clear: They can agree to give up a modest amount of autonomy and income, embrace
more collaboration in the way they practice medicine and take their rightful
place at the center of a reform effort that will allow them to focus more on
patient care. Or they can continue to blame everyone else and remain --
stubbornly -- a part of the problem."

Once again, it's the greedy doctors (as I'll point out later, if the jumping-off point for anyone's healthcare fix is "let's get the greedy [fill in the blank]s", I can guarantee you that they don't understand the why and their "fix" will not work). First, to the extent "doctors in the US make 2 times what doctors make elsewhere," what does that tell us? I suspect US newspapermen like Pearlstein make at least twice what newspapermen in the rest of the world make; given that the newspaper industry is in substantially greater a "crisis" than the healthcare industry, I'm guessing Pearlstein is volunteering for a 50% wage cut, right? How about car mechanics, or better yet, auto workers? Lawyers? Investment bankers? I'd guess the average US annual salary is twice the average annual salary of the rest of the world. "The US healthcare system is not economically, politically, or morally viable." Huh? It continues to operate, year after year. Nobody is dying in the streets (or at home due to rationed care, as is the case in countries with socialized medicine), so it's not economically non-viable. So far, just as in 1993 when the same players were singing the same songs, there is no political concensus that the healthcare system must be overhauled, however much Pearlstein and his ilk want to portray it that way. Therefore, it is not politically non-viable. And as for morally non-viable, . . . sorry, I'm at a loss to even understand his point. How is the current system immoral? How would its proposed replacement, a system that necessarily requires some sort of rationing*, be more moral? (*as for rationing, any change to the current system that is designed to reduce costs will necessitate it, unless we find slave labor to provide our care.)

Finally, immediately below Pearlstein, I found David Brooks of the New York Times: "Let's say you are President Obama. You've inherited a healthcare system that is the insane spawn of a team of evil geniuses from an alien power. Pay is divorced from performance. Users are separated from costs. Rising costs threaten to destroy your nation and everything you hold dear." Hmm. Well, our healthcare system, to the extent it is disfunctional, is the direct result of government meddling in the otherwise efficient free market. That "team of evil geniuses" came directly from the heart of the Democratic party (thanks, LBJ!) Alien? Not to Obama. Is pay any more "divorced from performance" than in any other business like, say, the newspaper business? It is really hard to define "performance," but generally, good doctors do make more than bad ones. "Users are separated from costs." YES. That throwaway line, ultimately, is the lynchpin for the entire problem with healthcare. But none of the health reforms proffered by Pearlstein or Brooks does anything to end that separation. And in fact, if anything, they want to separate users even more from costs. As for "rising costs in the healthcare system destroying the nation," I have 2 responses. First, have the economies of countries with socialized healthcare systems (or other systems that the proposed reformers of the US system favor) not suffered from the economic downturn just as the US has? If the US healthcare system is destroying the US economy, what is destroying the UK economy? Secondly, if you're worried about rising spending destroying the nation, take a look at the Stimulus Bill. That is what is truly destructive. Also, keep in mind that healthcare reform is "necessary" because of how high costs are now; but every proposed reform bill will increase the amount of money spent on healthcare (from a minimum of $600 billion to $3.5 trillion, according to some estimates), not reduce it.

Anyway, you can see why it's hard for me to tackle healthcare reform. I have started a blog post to run through my thoughts, and I'll try to flesh it out.

To the extent there is a public impetus toward healthcare reform, it is SOLELY because that is what the media and politician have trumpeted over and over again. In fact, the public "demand" for healthcare reform was greater in 1993 than it is today.

Prediction: Large-scale reform will not happen this year or next. It might've happened if Obama had tried it first. I believe that Obama came into office planning revolutionary change on many fronts, all with an emphasis toward socialist/statist structures: finance, the auto industry, taxes, and the size and scope of government, just to name a few in addition to healthcare. I also believe that all of these revolutionary changes are well beyond what the majority of Americans will stand for, so that Obama had the opportunity to get one done while his honeymoon was on. He chose the Stimulus Bill, which certainly has not delivered the successes it was virtually guaranteed to bring. He blew his wad. There is no appetite for large-scale unknown-result healthcare reform, and the failure of the Stimulus Bill (along with the impending failure of the auto industry bailouts) will cause a majority of Americans to resist sufficiently to prevent such reform. Mark my words.

Of course, more to come. . . .

Jeff [3:31 PM]

OT: Social Media Marketing. I have been and will be speaking on this (sign up and listen, it's free!), but there is a huge push to market using Twitter and other social media marketing milieu. One thing to be aware of: even if you stay away from these marketing tools out of fear or extreme caution, you need to be following what OTHERS are saying about you in these media. This is an excellent cautionary tale, and I love Amy Mengel's "one rule": Don't suck so much in the first place. So true: you can't win every time, the customer isn't always right, etc. But if you don't suck too much, you'll have some people who will jump in and defend you when someone lights you up.

Jeff [2:15 PM]

[ Thursday, July 09, 2009 ]

OT: what I did on the 4th of July. Quite a performance. You've got to look a long way down to find my name, but it's the first time I've run competitively since high school (which was the last time I was a runner at all).

Jeff [9:09 AM]

New Media in Healthcare Marketing: Apparently, it's becoming much more popular, and more used, by healthcare marketers. As you may know, I spoke on the issue last month.

If you're interested in (i) FDA regulation of drug marketing and (ii) new media, you might be interested in this free presentation I'll be giving with Peter Pitts and David Maizenberg in two weeks. It's free and online. Only a little bit about HIPAA, but it could be an important piece of the puzzle, especially for healthcare providers (as opposed to pharma companies) who are involved in new media marketing.

Jeff [8:56 AM]

Canadian HIPAA: Was it Larry Ellison who said "you have no privacy, get over it"? Whoever it was, they're apparently getting the message in Canada.

Of course, not that many people get healthcare in Canada anyway.

Jeff [8:46 AM]

Also from AHIMA: Apparently, the California statute requiring all healthcare providers to report any known unauthorized access has been, er, successful. LOTS of unauthorized access is happening, apparently. I suspect most healthcare providers are pretty meticulous about reporting stuff that's even just in the grey area, but still, I think there are a lot more incidents than most of us would've expected.

Jeff [8:41 AM]

AHIMA's Red Flags Materials: The American Health Information Management Association has published its white paper on complying with the Red Flags rule, if you're interested.

Jeff [8:37 AM]

[ Wednesday, July 08, 2009 ]

Fighting ARRA's National Health Information System: Also from BNA: "Provisions of the American Recovery and Reinvestment Act of 2009 that call for a national health information system for managing patient health records violate privacy and due process rights of those patients under the U.S. Constitution and other federal laws, according to a proposed class action complaint filed June 25 (Heghmann v. Sebelius, S.D.N.Y., No. 09-cv-5880, 6/25/09)." I suspect it'll be thrown out for lack of standing.

Jeff [9:34 AM]

Ohio Suit: Non-Party Records Protected: Via BNA (subscription required): "Discovery of the confidential medical records of nonparties in private litigation is not permitted by Ohio law, the state supreme court declared July 1 (Roe v. Planned Parenthood Southwest Ohio Region, Ohio, No. 2007-1832, 7/1/09)." The trial court's ability to balance the interest of the litigants to discovery versus the interests of the patients in the privacy of their records was effectively limited to litigants defending a claim of unauthorized disclosure. Based on the dissent, I'm not sure this issue is fully settled.

Jeff [9:27 AM]

[ Tuesday, July 07, 2009 ]

6 Rules: From Dom Nicastro (and for Paul Moore), some sage advice on the right way to approach HIPAA.

Jeff [8:49 AM]

[ Wednesday, July 01, 2009 ]

Tweets on a Plane: I'm currently on American Airlines flight 446, DFW-PHL, somewhere over the Appalacian Mountains, and blogging. On-board wi-fi. Don't know if its a blessing or a curse. It's like I haven't left my office, except I can't take phone calls.

Jeff [1:16 PM]

Twitter as an Epidemiologists Tool? Chris Thorman, who normally blogs about EMR software, has an interesting piece noting how well Twitter has worked in following the Iranian unrest, and contemplating a use for Twitter in tracking epidemics. A Google-Twitter mashup was useful in tracking the original outbreak of the swine flu (or H1N1 for the politically correct). There are definitely synergies: the speed and ubiquitousness of Twitter would be useful to epidemiologists. But there are downsides: the lack of verifiability and non-standardization inherent in an uncontrolled medium. For fighting against an authoritarian regime, the nimbleness and uncontrolability of Twitter is a feature. For fighing the spread of an epidemic, there are some definite shortfalls.

Jeff [1:06 PM]

[ Tuesday, June 30, 2009 ]

Arkansas Snoopin': Two hospital employees and a staff doctor have been charged with illegally accessing patient records in the case of a Little Rock news anchor who was brutally murdered. The case is in Federal court, but the article does not indicate whether the charges are being brought under HIPAA or some other statute. I'll keep you posted.

Jeff [3:29 PM]

NIH comment site: The National Institutes for Health have responded, in a way, to the report by the Health Privacy Project of the Center for Democracy and Technology on the need for better de-identification of PHI when it's used in research or for putlic health by setting up a comment site where interested participants can discuss the matter.

Jeff [9:24 AM]

Physician email: as more and more payors agree to pay for it, doctors are conducting more online communications with their patients. But you better have a secure connection and use encryption technologies.

Jeff [9:19 AM]

[ Monday, June 29, 2009 ]

HIPAA Sanctions Policy: As noted here, HITECH reiterated and refined the tiered penalty structure of HIPAA itself, and it's probably a good idea for every covered entity to have a tiered sanction policy for employees, staff and others who violate HIPAA. You do have a sanctions policy, don't you?

Jeff [9:42 AM]

[ Tuesday, June 23, 2009 ]

Wired Patient Rights: I absolutely agree with this: ". . . informed, motivated patients must play a much greater role in managing their own health if the policy goals of improving the quality of care and curbing costs are to be achieved."

More individual responsibility will be the greatest, if not the only, driver of improvements to the healthcare system. If there is no expectation that individuals will be responsible (financially, personally, emotionally) for the state of their health and the financing of their care, there will be no governor on the cost or care or its financing.

Jeff [8:46 AM]

Business Associates: Interesting article on the issues HITECH have raised regarding business associates. Two interesting points: "many" experts think business associates won't be ready to comply directly with HIPAA, and some covered entities don't even know who all their BAs are. Huh? Most BAs know they must provide privacy and confidentiality if they deal with medical records as part of their normal business; virtually all have signed business associate agreements specifically requiring them to do so. And frankly, there's not that big a difference being contractually obligated to comply (at risk of losing your business revenue) versus being directly obligated (at risk of an enforcement action). In fact, I'm willing to bet there have been a lot more contract terminations due to HIPAA breaches than enforcement actions. Also, covered entities tend to be compliance-aware; they know their businesses are highly regulated, and they know to keep up with that. I'd suspect most CEs have done a pretty good job making sure their BAs all are under BAA contracts.

Jeff [8:26 AM]

[ Thursday, June 18, 2009 ]

Healthcare Reform: This is a little off-topic, but not too far. I'm often asked what I think about the various health reform proposals. I haven't had a chance to draft out my ideas and issues on health reform, despite promising several folks I would do so. I will, though, soon. In the meantime, I think this is a worthwhile outlining of the issues raised, at least by the Kennedy plan. More to come.

Jeff [10:09 AM]

[ Wednesday, June 17, 2009 ]

Physician Data Breaches: According to the AMA, physicians have an ethical duty to report electronic medical record breaches to affected patients.

Jeff [1:12 PM]

[ Tuesday, June 16, 2009 ]

Cedars Sinai employee steals data, goes to jail. Jessica Hardwick didn't tell me about this.

Jeff [9:53 PM]

[ Monday, June 15, 2009 ]

4 HITECH areas to act on now: It's hard to say what you should be doing specifically without regs being issues, but these are all good points.

Jeff [9:26 AM]

Social Media and Healthcare: I'll be speaking in a few hours on the legal implications of using social media and Web 2.0 platforms for marketing healthcare services, but noticed this timely report from the Pew Research Center. 61% of adults do internet research for healthcare purposes. They're also using social media tools to find information and disseminate what they've found. The related research links are also very interesting.

Jeff [5:25 AM]

[ Friday, June 12, 2009 ]

Red Flags FAQ: The group of federal regulatory agencies (the FTC and a bunch of financial regulators like FDIC) who put out the Red Flags Rule have issued FAQs. I've skimmed but haven't read them yet; however, I wanted to pass this along anyway. There's nothing specific about physicians or other medical providers.

Jeff [8:25 AM]

[ Thursday, June 11, 2009 ]

One Year in Jail: a woman who works at a medical clinic accesses her friend's sister-in-law's medical records (because the friend and sister-in-law are fighting) and finds out the sister-in-law has HIV/AIDS. The woman posts that info on her MySpace page. She's caught, fired, . . . and sentenced to 1 year in jail for "unauthorized computer access."

I feel sorry for the woman, but I do like the deterrent effect.

Jeff [2:49 PM]

Online enrollment required: Under the health reform packages being considered, all health plans will have to have online enrollment. At least that's the part of healthcare reform you'd expect InformationWeek to find newsworthy.

Jeff [7:48 AM]

[ Monday, June 08, 2009 ]

Ross Martin, M.D.: Holy. Freakin. Cow. This is amazing. And all you need to know about HITECH.

Jeff [5:44 PM]

[ Thursday, June 04, 2009 ]

Creepy story from Sears.

Jeff [6:14 PM]

[ Tuesday, June 02, 2009 ]

CVS: You may remember that CVS got tagged with a $2+ million fine for failing to protect patient data (mainly, they dumped records). Now, they've announced some of their plans to improve their operations and better protect the information. Of course, shredding is a big part.

The HITECH provisions of the so-called Stimulus Bill require covered entities to publicly report data breaches of "unsecured" PHI, which HHS has defined as to be all data that isn't encrypted or destroyed. As I noted below, hard copies of data can't be encrypted, and unless you're done with them entirely, they can't be destroyed. But if you ARE done with them, then destruction is basically required; that means shredding of paper documents. And it seems like CVS got the message.

Jeff [9:54 AM]

[ Monday, June 01, 2009 ]

New Advertiser: please welcome my new advertiser, AIG Direct Health Insurance. If you're looking for an individual insurance policy, this is a good place to go.

Jeff [6:10 PM]

[ Friday, May 29, 2009 ]

Testy, testy: CCHIT is accused of whoring for HIMSS, which is accused of whoring for tech vendors. Personally, I think that's an unfair indictment of both organizations. HIMSS is made up of tech pros; it's obviously influenced by tech vendors, since many of the tech pros work there and the rest deal with those vendors and their products. Including the vendors in the conversation makes perfect sense, and doesn't make HIMSS a tool of the vendors. Nor does the reliance of CCHIT on HIMSS taint what CCHIT does.

Jeff [10:28 AM]

[ Thursday, May 28, 2009 ]

AEtna Web Site Hacked: 65,000 people offered credit monitoring: It's a job application website, not medical records, so not exactly a HIPAA issue.

Jeff [10:20 AM]

UNC + IBM = Improved Quality? That's what they're hoping for.

Jeff [9:59 AM]

[ Wednesday, May 27, 2009 ]

Tenet Employee Caught Stealing Medical Records: Your basic identity theft/credit card fraud case. But since it involves medical records, HIPAA is implicated, and the story indicates that the duo will be charged with criminal HIPAA violations. Under the original DOJ guidelines that say employees can't violate HIPAA (the thief was a records tech, not a nurse or other specialty that might be bootstrapped into the definition of "provider"), there would be grounds to fight the HIPAA part of the charge. But since ARRA expanded the coverage of criminal violations to business associates, there might be more legitimate claims for a criminal HIPAA violation.

Or would there? It seems to me that the thief wouldn't be a "business associate" of the hospital, but rather a member of the hospital's workforce.

I doubt it will matter. There are sufficient other charges that will easily stick, and I doubt the defendant here will care that she's being charged with a HIPAA violation rather than some other criminal violation; she'll plead down to whatever they give her.

Jeff [9:17 AM]

[ Tuesday, May 26, 2009 ]

HIPAA enforcement under the HITECH Act: The HITECH provisions in the so-called stimulus bill revise HIPAA and add additional enforcement powers, but how will they really be enforced? We'll have to wait for regulations, but in the interim, the Office of the National Coordinator for Health Information Technology has issued a white paper indicating how it will carry out the new enforcement powers. Unfortunately, there's not much there other than a reiteration of the HITECH provisions. More specifics, please.

Jeff [10:08 AM]

[ Friday, May 22, 2009 ]

Tips for Catching Snoopers: This is a pretty useful little article. Bottom line: use honeypots to catch those who are inclined to snoop before they actually snoop on something important. You don't know if your next patient is going to be the Octomom, so you don't know which files to more closely guard. So maybe you should find out who the potential snoopers are, rather than trying which files to more closely guard.

Sort of like the difference between Israeli airport security and American airport security: the Israelis look for bombers; the Americans look for bombs. Our way is much more egalitarian, but there's is more efficient.

Jeff [9:38 AM]

[ Thursday, May 21, 2009 ]

Data Breach, But No Proof of Damages: I just saw an interesting case out of Iowa (via BNA, subscription required), Doe v. Central Iowa Health System, Iowa, No. 07-1017, 5/15/09, where an employee/patient who had attempted suicide sued several hospitals and other providers over improper access to his medical records by coworkers. The jury determined that improper access occurred, but the plaintiff didn't show that the disclosures caused his mental anguish.

I noted early on that the big issue in improper disclosure cases will be the measure of damages (if you violated HIPAA, you've lost the case and are left simply to argue damages). Interestingly, in most cases, there aren't going to be any damages: except for sexual issues, mental health, or drug information, most medical information is pretty damned dull, when you think about it. Wanna see an MRI of my ruptured achilles tendon from a few years ago? I didn't think so. Here, the case DID involve one of those areas, so you'd think damages would be easy to prove. And I think they would've been, except that the plaintiff did not put on any expert testimony of his mental anguish and the physical effects it had; all he had was his own personal testimony that he lost sleep, became less social, etc. If he had hired an expert psychologist to say how screwed up he was (in other words, if he'd focused on damages), he'd have come out with some judgment cash.

Jeff [12:09 PM]

[ Monday, May 18, 2009 ]

Red Flags Rule: I've noted below and in eBriefs that healthcare providers are expected by the FTC to comply with the Red Flags Rule and adopt identity theft prevention programs. You have until August 1 to do so.