Roundtable #19 | Medical Law

I . The History of Medical Law: Negligence, Ethics, and Confidentiality by Olivia Sieler

Concerning the responsibilities of medical professionals and the rights of their patients, medical law primarily covers issues of negligence, ethics, and confidentiality. [1] With its far reaching scope, medical law has long been addressed, beginning with the Hippocratic Oath in the Greek classical period. [2] This oath addresses several concerns of medicine, particularly focusing on a doctor’s duty to care for their patient to the best of their ability, uphold doctor-patient confidentiality, and instruct future generations of doctors. [3] Though the Hippocratic Oath remains valuable in the medical profession, medical law in the United States has been particularly shaped by landmark cases on negligence, medical malpractice, and confidentiality. Such cases set important precedent both for medical jurisprudence as well as for the medical profession as a whole.

Medical malpractice and negligence cases are especially central in the field of medical law, with Darling v. Charleston Community Memorial Hospital (1965) being a particularly monumental case. In this case, plaintiff Dorrence Darling II broke his right leg upon playing in a football game, and allegedly negligent medical treatment necessitated the amputation of his right leg below the knee. [4] He then sought to recover monetary damages due to negligence, and the Supreme Court of Illinois affirmed the ruling of the Appellate Court of the Fourth District which granted Darling $110,000 in damages. [5] This ruling set a notable precedent in medical law, as it caused two major reforms in hospital liability jurisprudence: first, the case established the doctrine of “hospital direct liability” which maintains that hospitals have independent duties to care for their patients and establishes the liability of the hospital entity when these duties are violated. [6] The ruling also addressed the issue of what constitutes sufficient evidence of the direct duties of care that hospitals owed patients. [7] This element authorized the use of a wide reaching evidentiary base, particularly due to the scope and number of standards set forth by the Joint Commission on Accreditation of Healthcare Organizations and hospital licensing requirements in addition to standards set forth by particular states, localities, and hospitals. [8] Because of the Darling decision, hospitals themselves were identified as directly liable for negligence and malpractice, marking a significant departure from previous theories about hospital liability, and substantially more sources could provide evidence of a hospital’s duty. In doing so, the Darling ruling heralded a new legal era in which hospitals were directly liable for medical malpractice and negligence. 

Cases of medical law have also provoked reforms in the customs and practices of physicians, and the landmark case Zion v. New York Hospital (1995) was one such case. In 1984, Libby Zion was admitted to the hospital with a high fever and severe agitation. In the emergency room, residents treated her with a medication that had a deadly interaction with her regular prescription medication. [9] Rather than imposing criminal charges, the grand jury that was assembled to investigate Zion’s death proposed reforms to medical education practices, which the Bell Commission, the advising committee to the New York State Health Department, then sought to implement. [10] By 1989, in response to the Bell Commission's recommendations, the New York Health Department updated its hospital code: new regulations limited residents’ work hours to eighty hours per week, limited residents’ shifts to twenty-four consecutive hours (exceptions were permitted if the limitation compromised patient care), instituted eight hour breaks between scheduled rotations, and required that residents be given one day off per week. [11] This case and the resulting law – deemed the Libby Zion Law – marked a significant reexamination of established medical practices and customs, as it led to a revision in the medical education of residents with the goal of preventing negligence and medical malpractice due to fatigue. With this case, the state of New York, and gradually every state, established regulations for preventing negligence, showing that the law sought to ensure the doctors were most able to fulfill their duties to their patients.

Doctor-patient confidentiality has also been a defining feature of medical law. Doctor-patient confidentiality was established under the Hippocratic Oath which outlined the expectation that clinicians would safeguard the privacy of the information they received. [12] This expectation supports clinicians’ work by promoting honest disclosures from their patients and assuring fair medical treatment. [13] In terms of the law, contract theory underlies this relationship: both parties carry particular responsibilities, enter into and maintain a consensual and voluntary relationship, are willing to negotiate, and benefit from the relationship. [14] Violating this oath and the contract engendered cause for punishment on the basis of breach of contract. [15] 

The case Doe v. Roe (1977) explicitly engages both the ethical and legal elements of the physician-patient relationship. In this case, psychiatrist Dr. Joan Roe published her patient’s disclosures made during a psychoanalysis in a book. The plaintiff cited the contractual physician-patient relationship, which held an “implied promise to obey the Hippocratic oath,” which established the ethical basis for confidentiality. [16] Here, the court upheld the necessity of doctor-patient confidentiality. Thus, the law protects a patient’s privacy on both an ethical and contractual basis, which has set a precedent for the privileged relationship between a physician and a patient.

Though the particular issues arising in medical law vary, medical law cases reveal that physicians owe particular ethical duties to a patient which carry legal implications. In the past century, the field of medical law has significantly expanded to protect the rights of the patient and ensure that a physician is upholding their ethical duties. Nonetheless, much remains to be seen on how medical law will develop in the more technologically-advanced contemporary era.

II. Advance Directives: Patient’s Rights in Planning for Healthcare Outcomes by Hannah Puelle

In healthcare, patient’s rights importantly include the ability to self-advocate when immediate decision-making isn’t possible or during instances of incapacitation. It is under these circumstances, and through a series of precedents in medical law, that the importance of advance directives is brought into focus. The Legal Information Institute defines an advance directive as “a legal document that takes effect if one cannot make decisions due to illness or incapacity.” [1] There are a variety of different types of advance directives, but they can be most accurately classified into two categories: power of attorney and living will. Power of attorney, in the context of an advance directive, is appointing a person to make medical decisions on behalf of a patient. [2] Living wills are directives written about a patient’s wishes to receive or not receive medical procedures like resuscitation, intubation, organ transplant, and more. [3] The legal grounds for advance directives lie in the principles of the right to refuse treatment and provide informed consent. 

An incapacitated person’s right to refuse treatment was initially enumerated as the “right to die” in In re Quinlan (1976). In this case, the appellant was the father of a young woman who was declared to be in a persistent vegetative state, and the respondent was Morris County, New Jersey. The appellant wanted to be named his daughter’s legal guardian so that he could advocate for her removal from life support. The court ruled that “the individual’s right to privacy grows as the degree of bodily invasion increases and the prognosis dim.” [4] This “right to privacy” is a part of the Fourteenth Amendment as it is often extended to matters of bodily autonomy. The court further qualified the right to privacy, adding that the more dire the situation is, the more an individual should be able to make their own decisions. Essentially, refusing treatment, even if it results in death, is a fundamental right. In fact, a patient whose treatment course is more drastic should have even more right to refuse said course according to the court in Quinlan. Having said that, there must be a strong indication that the decisions being made on behalf of the patient would have been made by the patient had they not been incapacitated. In a very similar situation to Quinlan, Cruzan v. Director, Missouri Department of Health (1990) involved a woman who was being kept alive with a feeding tube after a car crash left her in a coma. The plaintiffs, her parents, were asking that she be removed from the feeding tube, and the hospital refused to do so without a court order. Cruzan relied on the “right to die” precedent set in Quinlan, and added that although a patient has the right to refuse treatment, there must be “clear and convincing evidence of the patient’s wishes [that] lead[s] us to conclude that the State may choose to defer only to those wishes, rather than confide the decision to close family members.” [5] This precedent justifies both the ability for a person to enumerate their wishes in advance of their potential incapacitation and the possibility for a person to be appointed as a proxy, should this be the patient’s wish. Therefore, the right to refuse treatment is the grounds for power of attorney and medical proxies.

The idea of consent in medicine appeared for the first time in the case of Schloendorff v. N.Y. Hospital (1914). In this case, the defendant, the house physician at N.Y. Hospital performed surgery on the plaintiff, Scholoendorff — a patient who was not incapacitated at the time the procedure was commenced — without obtaining consent. The court held that the absence of the patient’s consent made the procedure a form of assault and battery, which made the house physician criminally liable. [6] Then, the ruling in the case of Salgo v. Leland Stanford Jr. University Bd. of Trustees (1957) coined the term “informed consent.” In this case, the plaintiff, a patient named Salgo, woke up paralyzed after undergoing an aortography — a procedure to take x-rays of the aorta. Salgo alleged that he was not properly notified of the risks of the procedure and sued the Board of Trustees at the Stanford University Hospital where the procedure had been performed. The court ruled that an individual doctor was not responsible, as many physicians had been involved in the procedure, however Salgo received damages. This expanded on the precedent from Schloendorff because now, not only did patients have to consent to procedures, but doctors also had to explain the risks of said procedures to them. [7] Finally, taking informed consent far closer to the modern conception, Natanson v. Kline (1960) expanded physician disclosure requirements. In this malpractice case, after a patient, Natanson, sustained injuries from cobalt radiation therapy, the court ruled that the doctor, Kline, was guilty of malpractice because the patient was not alerted of the potential risks of the treatment. [8] This expanded the conception of informed consent to ensure that patients had all of the information necessary to make a decision presented to them in a clear and unbiased manner. In Salgo, it was simply stated that physicians must inform patients of the risks of certain medical actions, but in Natanson, the specific requirements for what must be disclosed were defined. This is connected to the idea of a living will, as living wills — previously defined as preemptive decision-making about receiving specific medical procedures — are an example of patients making decisions for themselves, having information about the risks and rewards of procedures, and either giving consent or withdrawing it.

Advance directives are often associated with end-of-life care or other types of care that catch people at their most sensitive and vulnerable moments. In overwhelming situations like these, there have been many proposed modifications to reform the end-of-life-care system. One example is the National POLST program, which helps patients to create portable medical orders that are more comprehensive and transferable than other traditional advance directives. [9] These innovative solutions, coupled with future legislation and decisions on how patients can prepare for potential incapacitation are key points of the future of medical law.

III. Telehealth: The COVID-19 Pandemic and The New Era of HIPAA by Hannah Puelle

The COVID-19 Pandemic has put unprecedented amounts of stress on the healthcare system. According to a retrospective study of Medicare admissions from January 2019 to September 2021, mortality rates in patients without COVID-19 increased from 9.34% to 11.48%. [1] With these types of lapses and the dangers associated with entering medical facilities, people with non-COVID-19 related health issues may have been less likely or less able to seek care. A poll from the Harvard School of Public Health revealed that about 20% of Americans either delayed receiving care or were unable to get care due to the COVID-19 Pandemic. [2] As the immediacy of the crisis died down, an obvious solution to some of these healthcare issues was practicing telehealth, also referred to as telemedicine. Telehealth can be defined as “the delivery of traditional clinical diagnosis and monitoring by technology.” [3] The involvement of technology increases privacy concerns. At the intersection of privacy law and medical law lies the Health Insurance Portability and Accountability Act (HIPAA) (1996), which seeks to “limit the use of protected health information to those with a “need to know” [and] to penalize those who do not comply with confidentiality regulations. [4] As the pandemic continues on, and telehealth becomes more common, HIPAA and its constitutive Privacy Rule must be revisited to account for modern healthcare innovations.

HIPAA consists of four rules: the Privacy Rule, the Security Rule, the Enforcement Rule, and the Breach Notification Rule. The Office for Civil Rights (OCR) at the Department of Health and Human Services serves as the regulatory body for HIPAA. [5] On March 17, 2020, four days after what most Americans consider to be the beginning of the COVID-19 Pandemic, OCR issued a statement saying that they would, “not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth.” [6] This statement is still in effect today, more than two years later, and it primarily relates to the Privacy Rule of HIPAA. The Privacy Rule requires “Covered Agencies,” including Health Plans, Healthcare Providers, and Healthcare Clearinghouses, to protect all “individually identifiable health information” which is information pertaining to the patient’s medical condition or health care. [7] When Covered Agencies work with an outside service provider, they must become “Business Associates,” meaning that the outside service providers are agreeing to handle medical information with the same care as  a Covered Agency. [8] This rule primarily applies to Health Plans and Health Clearinghouses, who handle patient information in large quantities and require services from actuaries, lawyers, accountants, and more. However, telehealth has led Healthcare Providers to form Business Associate relationships with teleconferencing platforms like Zoom, WebEx in order to be HIPAA compliant. [6] In these cases, the previously mentioned loosened HIPAA restrictions on Covered Agencies in light of the pandemic have been useful.

Since telehealth only became widely used as of recently, there is little case law relevant to this specific issue. That being said, there is a body of law related to HIPAA and telehealth in general that is connected to this discussion. For example, the case of Planned Parenthood v. Bd. of Medicine (2015) deals with telehealth and its legality in meeting medical standards. In this case, the plaintiff, Planned Parenthood, filed suit in the Supreme Court of Iowa against the Board of Medicine of Iowa, over a new rule that  prohibited abortion consultations from being held virtually. The Court ruled this new rule unconstitutional, since the Board of Medicine had previously enforced other rules that supported the efficacy of telemedicine. [9] This means that telehealth has generally been considered a viable and equally effective way of practicing medicine to traditional medicine, even before the COVID-19 Pandemic. 

Also, the case of Monarch Fire Protection v. Freedom Consulting (2009) concerns HIPAA and Business Associates, and the responsibility that Business Associates have to patients as an extension of a Covered Agency. In this case, the plaintiff, a fire protection district, filed suit against the defendant, a consulting and auditing firm, for violating the Business Associate agreement by willingly sharing personal health information with local, state, and federal law enforcement agencies. The court ruled in favor of the plaintiff, reaffirming the importance of Business Associate agreements. [10] This case confirmed the responsibility of Business Associates to patients.

Based on these two examples, it is clear that the connection between Covered Agencies and third party services must be scrutinized under HIPAA. To account for the recent prevalence of telehealth, the privacy  requirements should be made more strict, but the onus should be on the third parties, rather than medical providers. Enabling Healthcare providers to provide telehealth services makes medical care more accessible to the masses, so HIPAA must be extended to support telehealth while still acknowledging the essential portions of the act.

Sources Article 1:

[1] Medical Law, HG.org Legal Resources, online at https://www.hg.org/medical-law.html (visited May 31, 2022).

[2] Greek Medicine: I swear by Apollo Physician... Greek Medicine from the Gods to Galen, USA.gov, online at https://www.nlm.nih.gov/hmd/greek/greek_oath.html (visited May 31, 2022). 

[3] Id.

[4] Darling v. Charleston Community Memorial Hospital, 33 Ill. 2d 326, (Ill. 1965).

[5] Id.

[6] Mitchell J. Wiet, “Darling v. Charleston Community Memorial Hospital and Its Legacy,14 Annals of Health Law 7, 400, 2005. 

[7] Id.

[8] Wiet, “Darling v. Charleston,” 401.

[9] Zion v. New York Hospital, 183 A.D.2d 386, (N.Y. 1992).

[10] Nachiket Patel, “Learning Lessons: The Libby Zion Case Revisited,” 64 Journal of the American College of Cardiology 25, 2802, 2014.

[11] Official Compilations, Codes, Rules, and Regulations of the State of New York, Title 10. Volume C, & 405.4(b)(6)(ii).

[12] Howard Marsh and John Reynard, “Patient Confidentiality: Ethical, Legal and Regulatory Responsibilities,” BJU International, 164, 2009.

[13] M. H. Kottow, “Medical Confidentiality: An Intransigent and Absolute Obligation,” 12 Journal of Medical Ethics 3, 117, 1986.

[14] T. E. Quill, “Partnerships in Patient Care: A Contractual Approach,” 98 Annals of Internal Medicine 2, 228, 1983.

[15] Doe v. Roe, 93 Misc. 2d 201, (N.Y. Sup. Ct. 1977). 

[16] Id.

Sources Article 2:

[1] Advanced Directive, LII / Legal Information Institute, online at https://www.law.cornell.edu/wex/advance_directive (visited April 6, 2022). 

[2] Power of Attorney, LII / Legal Information Institute, online at https://www.law.cornell.edu/wex/power_of_attorney (visited April 6, 2022). 

[3] Living Will, LII / Legal Information Institute, online at https://www.law.cornell.edu/wex/living_will (visited April 6, 2022). 

[4] In re Quinlan, 355 A. 2d 647, (NJ Sup. Ct. 1976).

[5] Cruzan v. Director, Mo. Dept. of Health, 497 US 261, (1989).

[6] Schoendorff v. Society of New York Hosp., 105 N.E. 92, 93, (N.Y. 1914).

[7] Salgo v. Leland Stanford etc. Bd. Trustees, 317 P. 2d 170, (Cal. App. 1957).

[8] Natanson v. Kline, 350 P. 2d 1093, (1960).

[9] POLST: Portable Medical Orders for Seriously Ill or Frail Individuals, POLST, online at https://polst.org/ (visited April 6, 2022).

Sources Article 3:

[1] L. C. Myers and V. X. Liu, “The COVID-19 Pandemic Strikes Again and Again and Again,” 5 JAMA Netw. Open 3, e221760 (2022).

[2] “One in Five in U.S. Report Delayed Health Care during Pandemic, Harvard T.H. Chan School of Public Health: News, (2021). 

[3] R. M. Marcoux and F. R. Vogenberg, “Telehealth: Applications From a Legal and Regulatory Perspective,” 41 Pharm. Ther. 9, 567 (2016).

[4] P. F. Edemekong, P. Annamaraju, and M. J. Haydel, “Health Insurance Portability and Accountability Act,” StatPearls, (2022).

[5] O. for C. Rights (OCR), HIPAA Enforcement, HHS.gov (2008), online at https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/index.html (visited April 25, 2022).

[6] O. for C. Rights (OCR), Notification of Enforcement Discretion for Telehealth Remote Communications During the COVID-19 Nationwide Public Health Emergency, HHS.gov (2020, online at https://www.hhs.gov/hipaa/for-professionals/special-topics/emergency-preparedness/notification-enforcement-discretion-telehealth/index.html (visited April 25, 2022).

[7] O. for C. Rights (OCR), Summary of the HIPAA Privacy Rule, HHS.gov (2008), online at https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html (visited April 25, 2022).

[8] O. for C. Rights (OCR), Business Associates, HHS.gov (2009), online at https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/business-associates/index.html (visited April 25, 2022).

[9] Planned Parenthood of the Heartland, Inc. v. Iowa Bd. of Med., 865 N.W.2d, 252 (Iowa 2015).

[10] Monarch Fire Protection District v. Freedom Consulting, 4:08CV01424 ERW, 927 (E.D. Mo. 2009).