hammer-802296_1920by Michael H. Cohen, JD

When establishing your functional medicine practice, you’ll be wading into clinical waters that are often navigated by many medical colleagues, yet not necessarily adopted within the mainstream medical community.

Recently, a physician contacted our office about setting up her own functional medicine practice.

She was working in a large, multi-specialty medical group.

She planned to start as a sole physician, but eventually grow into a multidisciplinary, integrative care medical clinic with chiropractors, acupuncturists, massage therapists, and a Reiki practitioner. With a background in functional and integrative medicine, she wanted to spread her wings beyond the constraints of a restrictive clinical environment.

She asked for input on consent forms, liability issues, insurance, and related legal and regulatory issues. We’ve changed the facts and anonymized client details, to provide some legal tips below.

1. Address Standard of Care Issues

Because integrative and functional medicine is not fully adopted by the medical community, it’s important to be sure that any therapies or modalities offered are legally defensible, in case of later regulatory scrutiny or investigation.

Documenting the therapeutic reasons behind a particular choice can help establish that thoughtful, well-informed medical decision-making was in play.

In the medical board’s eyes, standard of care may be whatever the medical board decides, when it brings in a medical expert—who may be more on the conventional side or at worst, biased against complementary and alternative medicine (CAM) therapies. For this reason, it’s important to establish credibility.

As well, it’s important to provide good documentation that the patient received a full and robust informed consent. This includes documenting that the patient was told of conventional vs. integrative choices (including nutritional and lifestyle, and functional medicine approaches), and that the patient made a voluntary, intelligent, and knowing choice informed by strong disclosures.

In legal terms, having a “respectable minority” that believes in a particular therapeutic approach is, in many states, considered a defense to malpractice. This assumes that the physician was not otherwise negligent in the common sense meaning of the term (i.e., by being careless). Different choices can be respected, if therapeutically supported.

And, failed informed consent is an alternate theory of medical malpractice to negligence. So maintaining strong informed consent can serve as a defense to a plaintiff’s attack on this ground.

2. Use a Professional Corporation

In many states, clinical practice can only operate through a professional corporation (PC), or in this case, a professional medical corporation (PMC).

Using a professional corporation has several advantages. First, a corporation in most (but not all) cases provides protection against personal liability for exposures such as liability for slips-and-falls, or for breach of contract. It’s the corporation that faces liability, not the person.

There is an exception for professional services—that is, a negligent physician can be personally liable for malpractice, and is not necessarily protected by the corporation. But in general, a corporation can provide a shield.

In some states, a PC is not required. For example, Arizona law provides that: “A domestic or foreign professional corporation may render professional services in this state only through individuals licensed in this state to render the services.” However, this does not prohibit a licensee (for example, a medical doctor) from rendering professional services through a general corporation.

The second advantage of a PMC, whether or not required by law, is to help buttress the physician against corporate practice of medicine concerns. Non-physicians and corporations cannot practice. If the practice of medicine is housed within a PMC, that helps create a clearer separation between the clinical/medical care on one hand, and administrative, management, and marketing functions on the other.

3. Identify Insurance Needs and Clarify Various Issues

In addition to getting the PC and clarifying standard of care and informed consent policies, contact a knowledgeable insurance broker to get recommended coverage, including:

• Professional liability insurance
• Premises liability insurance
• General umbrella liability coverage
• Cyber-liability coverage (for HIPAA and data breach issues)

If you’re already employed within a hospital or medical group or in another medical setting, check out the existing arrangements regarding contracts with third-party reimbursement carriers.

For example:

• Are you in-network and bound by existing insurance contracts as a participating physician?
• Do those contracts require insurance company consent before you bill outside those arrangements?
• Are you bound to submit all claims through the insurer, whether services are delivered on-site with your employer or elsewhere? Can you break away?
• Do the contracts follow you personally, or your employer?
• Is permission from your employer required?

Sometimes we advise clients to write the insurance company and/or head of department to basically announce what the physician plans to do in his or her new practice; asserts that the physician is not bound in that practice by existing insurance arrangements with the employer; and asking that the insurer write within 30 days if it disputes this assertion, as silence will constitute acquiescence.

4. Understand Your Privacy & Security Obligations

If you are submitting claims electronically for reimbursement, you are under HIPAA. This subjects you to all the privacy and security obligations of HIPAA. Simply having an electronic medical record (EMR) system that says “HIPAA compliant,” is not enough.

HIPAA obligations include:

• Appoint a Privacy Officer
• Appoint a Security Officer
• Have a Privacy & Security Manual that is specific to your healthcare facility or institution. The Manual should include Privacy and Security policies, procedures, and forms.
• Ensure that all staff have HIPAA training
• Perform a security risk assessment and address security vulnerabilities

Remember that HIPAA liability can extend even to small or solo practices.

Even if you’re not technically under HIPAA (for example, as a cash medical practice), you are still subject to state privacy and security law obligations. Although they may not be spelled out with the same level of detail as HIPAA, they still require you to make compliance efforts.

5. Distinguish Medical/Clinical Practice from Health Coaching

Our physician clients often want to care for their patients when the patients travel to other states. This is telemedicine—medical practice at a distance (usually via the Internet, including email and Skype; though some states include phone contact).

During a telemedicine visit with your patient, you will be subject both to the telemedicine laws of your state and those of the state where the patient is located (the “remote” state). It’s important to get telemedicine legal counsel to be sure you don’t run afoul of either state’s laws.

Practicing medicine without a license is criminal under state law. So if you’re not licensed in the remote state, this can be an issue.

Some physician clients want to get around these requirements by saying that they are only doing “health coaching.”

That’s fine, as long as they are aware that there’s a slippery slope between health coaching, on one hand; and medical advice, on the other. “Medicine” is typically defined under state law as diagnosing and treating, a term that usually means giving advice to an individual patient about what they can do.

While we strive to define the activities of our corporate, telemedicine clients as non-medical—as merely giving information and education online—this may be a more uphill legal climb for individual physicians, who have their medical licenses on the line.

Telemedicine is becoming more and more the norm; but many states still have rules that were put in place before, or during the early days of the Internet. So it’s dangerous to assume that one can just call an activity “health coaching” and carve it out by fiat; and, it’s important to distinguish clinical activities from informational ones.

Editor’s note: Your reading this article does not create an attorney-client relationship with its author or with the Michael H Cohen Law Group. This article is not legal advice or opinion, but merely an informational, educational piece. If you want legal advice, please consult an attorney regarding your situation.


michael-cohenAbout the Author

The Michael H. Cohen Law Group counsels health technology companies and providers on healthcare legal issues and FDA legal and regulatory matters. Legal counsel includes corporate and transactional healthcare matters, healthcare regulatory compliance, and healthcare litigation and dispute resolution. Attorney Michael H. Cohen is an internationally recognized author, speaker on healthcare law and FDA law, and expert in developing legal strategies for healthcare ventures, including integrative medicine, anti-aging and functional medicine, telemedicine and concierge medicine.