One good thing that occurred during the pandemic was the expansion of telehealth. Telehealth existed already and probably would have been expanding anyway, but patient willingness to get care from home instead of risking exposure from an in-person visit paired well with provider interest in not going to or even having to maintain an office.
Privacy
California Court Largely Guts Pharma Privacy Claims
Plaintiffs’ attorneys are always looking for new ways to sue pharmaceutical companies. Under the banner of “no good deed goes unpunished,” plaintiffs in California recently sued a prescription drug manufacturer after they took advantage of the manufacturer’s program to help pay for a medicine widely used to treat arthritis and plaque psoriasis. There are no…
Lawyers for Civil Justice Advocates Privacy-Protective Changes to the Federal Rules of Civil Procedure
In addition to its expected slam of the judiciary’s Federal Rules Committee largely toothless proposal for an MDL-specific rule of civil procedure, the LCJ recently did something both innovative and unexpected (at least to us) – on September 19, it proposed amending multiple federal civil rules to address privacy issues. See LCJ, “FRCP…
Dobbs Would Likely Have Significant Impacts On Drug And Device Companies
Despite our use of plural pronouns, almost all of our posts come from a single author. We occasionally have guest posts by multiple authors or a post that pairs one of us with a subject matter expert. For this post, however, all seven authors of the Blog are joining together.
We are just simple defense…
Pleading Preemption As A Defense In A Privacy Class Action
Critics have been known to accuse us of being too hard on product liability plaintiffs and too forgiving of defendants who develop medical products. We all have our biases, especially after many collective decades of representing the latter group, but we do think the table is often tilted in favor of the former group. One…
As If Discovery Were Not Difficult Enough, Now This
When Congress enacted HIPAA and its Privacy Rule in the mid-1990s, it was a big deal. Healthcare providers surely protected patient privacy in the pre-HIPAA days, but the federal statute gave them a standard set of rules with which to comply and a uniform referent against which to gauge their privacy practices. All told, HIPAA’s…
Did You Search Your Jurors’ Social Media? There Are Rules
If you represented a large corporation or a wealthy individual, wouldn’t you want to know if your prospective jurors were campaigning for Bernie Sanders on Facebook? Or how about criminal prosecutors who might want to know if members of their jury panel had posted strong feelings on police conduct? If you were adverse to a drug or medical device company, maybe you would want to know if a prospective juror wrote for the Drug and Device Law Blog (although we can guarantee that you will find no more thoughtful and impartial jurors than the seven individuals who make up the collective “we”).
Millions of potential jurors make information like this (and much more) publicly available on the Internet through social media or otherwise, and what trial advocate would not want to uncover it? We got to thinking about this topic a few months ago when we read a unique order that came out of the Northern District of California in Oracle America, Inc. v. Google Inc., ___ F. Supp.3d ___, 2016 WL 1252794 (N.D. Cal. Mar. 25, 2016). The district judge in Oracle v. Google asked the parties in a high-stakes copyright action to abstain voluntarily from searching the jury panel’s social media. If the parties would not agree to a complete ban, then the court would impose specific limitations.
We’ll get to the details in a minute. But first, we set out to see if there are any rules that govern searching jurors’ social media (with research assistance from Reed Smith attorney David Chang). It turns out there are, mainly within the rules of ethics and professional conduct. The first rules obviously are our duties of competence and diligence. They are among the first duties listed under the ABA’s Model Rules and probably the rules governing lawyers in most every state. See Model Rules of Professional Conduct, Rules 1.1, 1.3. If there is publicly available information that would help us identify jurors with potential biases, a competent and diligent trial advocate needs to consider gaining access to it.
There are, however, countervailing considerations. On April 14, 2014, the ABA’s Standing Committee on Ethics and Professional Responsibility published “Formal Opinion 466, Lawyer Reviewing Jurors’ Internet Presence.” The ABA committee’s opinion came on the heels of an opinion from the Association of the Bar of the City of New York—“Formal Opinion 2012-2, Jury Research and Social Media.” These are not the only publications on the topic, but they were at the cutting edge, and they cover the major considerations.Continue Reading Did You Search Your Jurors’ Social Media? There Are Rules
All You Need to Know About LabMD’s Big Win in/over the FTC
We have been meaning for a while to write about LabMD’s epic data privacy fight against the FTC. We’re sure you have read about the action, and particularly about the administrative order dismissing the government’s Administrative Complaint in November 2015. The noteworthy part of the order is its holding that the government has to prove actual injury to consumers, not merely a theoretical “risk” of future harm, in data privacy enforcement actions. We like the sound of that. It reminds us of the old days of medical monitoring class actions, otherwise known as “money for nothing,” where uninjured plaintiffs would claim compensation for future medical surveillance, even though they had never experienced any actual complication. We don’t see those much anymore, but a similar battle has gone on in the context of data privacy. The vast majority of data security breaches result in no tangible harm to anyone, but plaintiffs still sue, and they still want money for the theoretical risk that someone, someday might use their private information to cause them harm—fraud, identity theft, and the
like.
But back to LabMD. The FTC has gone after many companies for allegedly lax data security practices, and in almost every case, the target comes to a negotiated resolution, usually involving a fine and a consent decree requiring certain measures to better protect private information. What makes LabMD different is that, once it found itself in the FTC’s crosshairs, it fought back. That decision was bad for business—the company announced in 2014 that the government’s action essentially closed it down—but it resulted in a complete win at the administrative level and a landmark order pinning back the government’s ears. The action has been going on for years, but here is what you really need to know:
Why do we care? The issue is data privacy and security, and the drug and device industry holds reams of private information—employee data, customer data, consumer data, patient data, etc. The FTC remains the biggest bully in the schoolyard when it comes to data privacy, and the LabMD order is a landmark in delimiting the FTC’s usually unchallenged regulatory prerogative.Continue Reading All You Need to Know About LabMD’s Big Win in/over the FTC
Medical Device Cybersecurity: Maybe Dick Cheney Was Not So Paranoid After All
Dick Cheney famously disclosed a few years ago that he had the wireless function of his pacemaker disconnected while he was Vice President because he was concerned that hackers might fiddle with the device remotely and do him harm. We at the Drug and Device Law Blog can’t help but wonder whether the Veep placed himself ahead of or behind the risk-benefit curve. Sure, he mitigated the risk that some malicious and very clever hacker would successfully target him. But he also disabled an important feature of a device that was intended to protect and extend his life.
Was he better or worse off? We don’t know. We do know that when we first learned about wirelessly connected implanted medical devices, we were amazed by technology that appeared straight out of Star Trek. You know, like when Bones would treat some befallen Enterprise crew member in a color-coded T-shirt by waving a handheld device over his or her clothed skin. That’s how we pictured connected devices like cardiac defibrillators—capable of transmitting telemetry, issuing warnings, accepting software upgrades, taking commands, and otherwise treating human frailty—remotely and without the need for any invasive procedure.
The potential benefits to health are tremendous, and wireless connectivity is now common in numerous types of medical devices, implanted and not. But what about the potential risks? We are told that Cheney’s paranoia became the basis for an episode of Homeland, a show we have never seen, but that apparently involved a fictional Vice President harmed by pacemaker hackers with malice aforethought. (Although we have never watched Homeland, we have seen every episode of Veep, which stars Julia Louis Dreyfus as a different fictional Vice President (and later President) and is wickedly funny, but so profane that our mother-in-law elected to leave the room rather than watch it. But we digress).Continue Reading Medical Device Cybersecurity: Maybe Dick Cheney Was Not So Paranoid After All
Privacy of Medical Information: Still No Harm, Still No Foul
We expanded our practice into data privacy and security out of practical necessity. Expectations surrounding privacy of personal information are evolving, and the laws that regulate data privacy change every day, generally to expand protection for private information. Another thing that has changed is that we used to say that drug companies and medical device…