WannaCry Predicted to Mushroom This Weekend

It is highly recommended that individuals and organizations using Microsoft Enterprise  tools and Windows operating systems confirm that their technology was properly patched with Microsoft Security Bulletin MS17-010, released March 14, 2017. As of the date of this Alert, ransomware known as WannaCry infected computers in 99 countries in less than 14 hours, primarily on systems which failed to install the MS17-010 patch. WannaCry operates by encrypting user files and systems, which cannot be unlocked by users without paying a ransom or through complex systems auditing and code removal.

We predict instances of WannaCry will mushroom in the U.S. this evening as students and professionals begin returning home and check emails from personal devices. Anecdotal evidence has shown that WannaCry can jump from personal devices to enterprise servers, and vice versa, through virtual private networks, the main conduit for distance learning programs and telecommuting platforms. We advise that all clients remain vigilant in updating and patching their technology on an immediate basis, as WannaCry is yet another example of the costs of remediation far exceeding prevention.

Companies with systems that are exposed to WannaCry may have disclosure responsibilities for customers and insurers, as well as other regulatory requirements under state and federal law.

For more information regarding WannaCry and other technology security inquiries, please contact Michael Salad at msalad@cooperlevenson.com or Peter Fu at pfu@cooperlevenson.com in the firm’s cyberliability practice group.

Privacy, Mass Data and the Apple Dilemma

On February 16, 2016, Magistrate Sheri Pym of the United States District Court of Central California ordered Apple Inc. (“Apple”) to affirmatively develop tools to bypass or disable the auto-erase function on an iPhone 5C owned by the target of a criminal investigation, to enable the Federal Bureau of Investigations (“FBI”) to circumvent native iPhone security features which protect the device’s “physical device port, Bluetooth, WiFi” and other access points, and to “ensure” the FBI’s ability to have unmitigated access to user data maintained on the target iPhone. Though Magistrate Pym’s order is only three pages long, the order will likely have long-lasting impact on the future of the legal and technology industries if it survives Apple’s anticipated appeal.

For readers without a background in engineering or platform development, each smartphone, including the iPhone, is a digital bank trading in the currency of data. The operating system, which enables users to manage their applications, is like the main vault of a financial bank. Similarly, each application is like a personal deposit box. Applications generally differ in purpose and use, and as such, maintain different types of data. Some applications may contain sensitive financial information, i.e. Google Pay, Amazon, etc., and other applications may contain personal data like text messaging services, e-mail accounts, etc. However, the common thread linking all applications is their collective dependency on the underlying security of the host hardware and operating system.

Magistrate Pym’s order upsets the balance of smartphone security in two major ways. First, in ordering Apple to develop the tools to bypass the iPhone’s point of access security measures, Apple is now required to create a backdoor to the iPhone’s data vault. Second, in ordering Apple to ensure the FBI’s ability to access iPhone user data without triggering the iPhone’s auto-erase features, Apple is now also required to create a backdoor to each application hosted in the iPhone’s data vault. Generally, hardware and software developers limit points of access to reduce the surface area of risk and because of longstanding knowledge in the technology community that all points of access can be breached. As such, the Pym order exponentially increases the vulnerability of all iPhone devices and applications, especially because the backdoors mandated by the order must have the ability to bypass, circumvent or even disable the iPhone’s built-in security features.

Magistrate Pym’s order also has an enormous effect on mass data. While the tools being compelled by the order are intended to be used on only one iPhone, once these tools are developed, they can be utilized against all iPhones that have been updated or patched since August 2015. This represents approximately 68.2 million unique devices in the United States alone. In essence, Magistrate Pym’s order is akin to requiring all financial banks to build backdoors to every vault and deposit box in order to investigate a single bank robbery.

Magistrate Pym’s order represents one of the first instances, outside of the U.S. Foreign Intelligence Surveillance Court and the U.S. District Court for the District of Columbia, that a court has ordered a manufacturer or developer to non-consensually create a means to undermine or defeat a company’s primary line of business. Unfortunately, and unlike the orders arising from the U.S. Foreign Intelligence Surveillance Court and the U.S. District Court for the District of Columbia, Magistrate Pym’s order was not sealed. As such, if Apple complies with Magistrate Pym’s order, every hacker would know about the existence of a skeleton key that can be used to access data that is maintained and transmitted from an iPhone.

Aside from Magistrate Pym’s order, the issue of granting any actor unfettered access to millions of iPhones raises concerns about the prudence of mass data collection capabilities. In the instant case, the government has asked for tools that can be used to collect data from nearly 90% of all iPhone devices. Presumably, any data collected from these tools will be documented and recorded by the requesting agency or agencies. However, as evidenced by the multitude of data breach incidents in 2015 alone, almost all individuals holding government security clearances have had their personnel files subject to unauthorized access and disclosure. As such, serious consideration must be given to whether it is possible to protect digital backdoors and skeleton keys before ordering the creation of such tools.

Michael L. Salad is an attorney in Cooper Levenson’s Business & Tax and Cyber Risk Management practice groups. He concentrates his practice on estate planning, business transactions, mergers and acquisitions, tax matters and cyber risk management. Michael holds an LL.M. in Estate Planning and Elder Law. Michael is licensed to practice law in New Jersey, Florida and the District of Columbia. Michael may be reached at 609.572.7616 or via e-mail at msalad@cooperlevenson.com.

Peter Y. Fu is an attorney in Cooper Levenson’s Business & Tax and Cyber Risk Management practice groups. He concentrates his practice on sales and use tax, enterprise risk management, and commercial transactions. Peter is licensed to practice law in New Jersey and Florida. Peter can be reached at 609.572.7556 or via e-mail at pfu@cooperlevenson.com.

Legal Ethics Of Email Seminar

December 14 in Atlantic City and December 15 in Cherry Hill, N.J.

Atlantic City, N.J. December 1, 2015 -Attorneys, paralegals and other professionals interested in learning about the ethical questions surrounding email may attend a half-day seminar hosted by the National Business Institute. The seminar will be held on Monday, December 14, 2015 from 8:45 a.m. to 12 noon at the Sheraton Atlantic City Convention Center Hotel, 2 Convention Blvd., Atlantic City, N.J. The seminar will be repeated on Tuesday, December 15, 2015 from 8:45 a.m. to 12 noon at the Holiday Inn Cherry Hill, 2175 Marlton Pike, Cherry Hill, N.J.

Frederic L. Shenkman, partner with Cooper Levenson, P.A., is one of three presenters who will discuss the ethical challenges of email, including privacy concerns, data security, and inadvertent disclosure. Some of the questions to be addressed include, “Is email protected under the 4thamendment?” and “Does the email you delete really disappear?” The presenters will share tips, risks and best practices, including practical guidance and tools for ethical compliance.

Shenkman has decades of experience in both transactional work and commercial litigation. He has lectured extensively on general equity and attorney ethics to various bar associations and Inns of Court. He served as chairperson and as secretary of District 1 of the New Jersey District Ethics Committee.

Cost for the seminar is $239. Participants receive Continuing Legal Education Credits valid in New Jersey, New York and Pennsylvania. For more information on the Atlantic City seminar, visit http://bit.ly/1I1K2ys. For more information on the Cherry Hill seminar, visit http://bit.ly/1Hd1yj2.

Cooper Levenson is a full service law firm since 1957, with 75 attorneys and New Jersey offices in Atlantic City and Cherry Hill. The firm has regional offices in Bear, Del., and Las Vegas. For more information, visit www.cooperlevenson.com.

Smartphone is Key to Preventing ATM Thefts

SALAD FU HEAD SHOTS.jpgTheft of personal identification numbers (PINs) has become so common that it is usually only reported in the news if it occurs in your local area, as it did in our neighboring town of Margate, New Jersey in September 2015 (http://bit.ly/1huJcxB).

By now, most people know that they need to be very careful in safeguarding the PINs associated with debit cards, including covering their hands at ATMs when entering their PIN to prevent thieves from capturing their information on hidden cameras. However, there are two preventative measures that are often overlooked.

First, customers may use the drive-through option or walk into a bank and avoid an ATM altogether. As a result of the banking industry’s efforts to increase staff and drive-through teller lanes, after-hour visits to banks are often as convenient as using an ATM.

The second involves your smartphone. If you have to use an ATM, you should check the ATM for unusual wireless transmissions. This can be performed by accessing the wireless network settings on your smart phone to see if the phone is picking up 3G, 4G, Bluetooth or Wi-Fi signals that are suspicious. Under normal circumstances, ATMs are generally located near convenience stores like Wawa or 7-Eleven. As such, seeing wireless signals entitled “Wawa Wireless” or “7-Eleven Data” can be expected. Issues arise when signals with uncommon and unexpected names like “Free2Move,” “MSR-60” or “Wincorp Nixdorf” are being transmitted near an ATM. The process of checking for suspicious signals takes a maximum of three movements on most smart phones, allowing you to proceed with your transaction with minimal inconvenience.

As ATM thieves become more sophisticated, use of traditional devices like cameras and telescopic lenses are becoming less common. Instead, thieves are now infiltrating ATMs through ATM technicians who install wireless devices which wirelessly “skim” your data in exchange for a fee. As such, your first line of defense against ATM thieves is to check for transmission of wireless signals around an ATM. As a general rule, the existence of multiple wireless networks around an ATM is highly suspicious. Therefore, you should avoid using such ATMs and alert your local police about the ATM.

Peter Fu is an attorney in Cooper Levenson’s Business & Tax and Cyber Risk Management practice groups. He concentrates his practice on sales and use tax, enterprise risk management, and commercial transactions. Peter is licensed to practice law in New Jersey, and is pending admission to Florida. Peter may be reached at 609.572.7556 or via e-mail at pfu@cooperlevenson.com.

Michael Salad is an attorney in Cooper Levenson’s Business & Tax and Cyber Risk Management practice groups. He concentrates his practice on estate planning, business transactions, mergers and acquisitions, tax matters and cyber risk management. Michael holds an LL.M. degree in Estate Planning and Elder Law. Michael is licensed to practice law in New Jersey, Florida and the District of Columbia. Michael may be reached at 609.572.7616 or via e-mail at msalad@cooperlevenson.com

Social Media Policy

Implementing and enforcing social media policies has been a top priority for many employers within recent years, and with good reason. It is now crucial that employers take a careful look at their own social media policies. The National Labor Relations Board (NLRB) has issued opinion memoranda which equate “comments” and “likes” on Facebook and other social media pages with the concerted activity protected by the National Labor Relations Act [the Act].

It is important for all employers to recognize that the Act and the NLRB’s decisions apply to them and not solely to those with a unionized workforce. This may come as a surprise to many employers, especially those who have no experience with unionization and related issues.

Specifically, the NLRB considered various factual scenarios in an apparent effort to explain whether social media policies prohibiting employees from posting disparaging comments regarding the employer, its managers or supervisors, violate the Act. In some circumstances, the NLRB found that the comments were protected and that discipline or retaliation against the employee was improper, whereas, in others they found posts and comments to be unprotected and for it to be lawful to discipline the employee in question.

In one example provided by the NLRB, a truck driver was traveling to Wyoming from his native Kansas. When he reached Wyoming he was unable to proceed due to closed roads and for a period of time, he was unable to reach anyone at his employer’s place of business. This employee commented on his Facebook page that his company was running off all of the good and hardworking drivers. No employees joined this conversation, however, the Operations Manager of the truck driver’s employer commented and the employee and the Operations Manager engaged in a discourse on Facebook. The Operations Manager threatened the truck driver to remove the comment and the driver was demoted. Here, the NLRB determined that the comment by the truck driver was “just venting” and was not protected by the Act. Therefore, the discipline was not forbidden.

Quite the opposite, another example provided a situation where an employee of a veterinary hospital posted a comment reflecting her frustration with the promotion of another employee. Three friends/co-workers of the employee commented and a discussion ensued regarding the employee who was promoted, the general mismanagement of their employer, and some specific issues they had with the employer. The employer terminated the employee, one commenter and disciplined the other two. The NLRB determined that the employees were engaged in protected activity and that this discipline constituted unlawful retaliation under the Act.

Additional examples were provided by the NLRB, highlighting the significance of each particular fact of a given situation. If your business is confronted with an employee making disparaging remarks, you should seek counsel with an experienced attorney before taking action against the employee. Further, you should review your business’s own social media policy to ensure that it complies with the Act. Cooper Levenson maintains an Employment Law practice group available to you for such questions and assistance.

New Ada Rules May Require Changes At Your Swimming Pool

The 2010 Americans with Disabilities Act (“ADA”) Standards for Accessible Design (the “2010 Standards”) went into effect on March 15, 2012. The 2010 Standards establish new requirements for amusement rides, boating facilities, golf & miniature golf facilities, swimming pools and play areas, clarify issues concerning reach ranges, toilet room dimensions and accessible routes, the dispersion of accessible hotel rooms among the different classes of rooms provided, and the overlap between wheelchair accessible rooms and rooms with communication features for entities governed by the ADA. Title III of the ADA governs public accommodations and commercial facilities.

2010 Standards Require Accessible Swimming Pools & Spas
The most controversial of the 2010 Standards is the requirement that all newly constructed or altered swimming pools and spas (hot tubs) at Title III entities be accessible to persons with disabilities. With regard to existing swimming pools, the 2010 Standards require that commercial facilities and places of public accommodation remove physical barriers to the extent that it is “readily achievable,” i.e., easily accomplished without much difficulty or expense. The deadline to conform was extended 60 days from March 15, 2012 to May 14, 2012 and may be extended an additional 180 days.

Compliance with the 2010 Standards requires the installation of one or more fixed pool lifts; it is not clear whether a portable lift will be satisfactory.

Is it “Readily Achievable” For You To Install A Pool Lift To Make Your Swimming Pool & Spa Accessible
The 2010 Standards require that existing swimming pools and spas at commercial facilities and places of public accommodation remove physical barriers to the extent that it is “readily achievable,” i.e., easily accomplished without much difficulty or expense. There is no “quantifiable connection” or other mathematical formula to determine if barrier removal is “readily achievable.” Moreover, according to the Chief, Disability Rights Section, U.S. Department of Justice, “it is important to reemphasize that determining whether removal of a particular barrier is readily achievable requires a case-by-case assessment that may vary from business to business and sometimes from one year to the next for the same business. If a public accommodation determines that its facilities have barriers that should be removed pursuant to the ADA, but it is not readily achievable to undertake all of the modification immediately, the Department recommends that the public accommodation develop an implementation plan designed to achieve compliance with the ADA’s barrier removal requirements over time. Such a plan, if appropriately designed and diligently executed, may well serve as evidence of a good faith effort to comply with the ADA’s barrier removal requirements.”

Does The 2010 Standard For Accessible Swimming Pools & Spas Apply To You
Title III of the ADA applies to commercial facilites and public accomodations. A commercial facility includes nonresidential facilities, such as office buildings, factories, and warehouses, whose operations affect commerce. A public accommodation is an entity that owns or operates a place of public accommodation. A place of accommodation is a facility whose operations affect commerce and is:
a place of lodging,
an establishment serving food or drink,
a place of entertainment,
a place of public gathering,
a sales or service establishment,
a place of public display, recreation or education,
a social service center establishment, or
a place of exercise or recreation (e.g. gym).

Although a condominium or apartment building is a residential facility which is not governed by the 2010 Standards, they may apply to places of public accommodation within residential facilities. For example, an area within a multifamily residential facility will qualify as a place of public accommodation IF the use of the area is not limited exclusively to owners, residents, and their guests. ADA Title III Technical Assistance Manual Covering Public Accommodations and Commercial Facilities, III-1.2000, p. 10.


Hotels and motels should immediately investigate the cost of creating a barrier free swimming pool and spa as there is no guarantee that the deadline will be extended a second time. A spokeswoman for the U.S., Department of Justice Civil Rights Division Disability Rights Section said there is no criminal penalty for failing to install the lifts, but a civil penalty may be pursued. In addition to the possibility of a civil penalty levied by the Department of Justice, a disabled person can file a lawsuit to ensure that the barriers are removed and the court will require the non-compliant party to pay all legal fees. Title III entities may be eligible for a federal tax credit for small businesses (IRC section 44) or deduction (IRC section 190) for barrier removal costs or alterations to improve accessibility regardless of the size of the business.

Work-place Injuries Causing Interruption In Service Do Not Prevent Teachers From Attaining Tenure

On May 8, 2015, the Appellate Court addressed the issue of whether a petitioner, who was on medical leave for a work-related injury, attained tenure despite an interruption in service. In Kowalsky v. State-Operated School District of the City of Newark, Essex County, a petitioner worked as a teacher for two months before he was severely beaten by a student in November, 2005. The authorized treating physician did not return him to work until October, 2006. The petitioner worked for 11 months and was again placed out of work for the 2006-2007, 2007-2008, and 2008-2009 school years. The petitioner returned to work on September 1, 2009. While he was out of work, he was provided full salary, health insurance, and pension contributions.

The petitioner worked for the 2009-2010 school year. During the 2010-2011 and 2011-2012 school years, he was evaluated as a tenured teacher. On August 2, 2012, the petitioner received notice that his position was terminated due to his non-tenured status coupled with budgetary restraints.

The ALJ determined that the petitioner achieved tenured status and stated that he was an employee for three years and one day in a four year period because pension and other benefit contributions were continuously made on his behalf. The Commissioner rejected the ALJ’s determination and found that the petitioner had not achieved tenured status.

The Appellate Court reviewed the Tenure Act and noted that continuous employment exists notwithstanding the mere occasional absence of a teacher by reason of illness or excuse. In determining that the petitioner achieved tenured status, the Appellate Court considered the fact that the Board of Education evaluated the petitioner’s performance and provided full salary, health insurance, and pension contributions. The Appellate Court reinstated the ALJ’s determination that the District recognize the petitioner’s right to tenure and reinstate him retroactive to September 1, 2012, together with the salary and benefits owed to him, less monies earned during the period of unlawful termination.

Proposed Bill Marks Significant Overhaul In Healthcare: Will Limit Out-of-network Fees Charged For Urgent And Emergency Care; Mandate Hospital Transparency

On May 14, 2015, New Jersey lawmakers introduced a proposed landmark bill that, if passed, will represent a major overhaul of out-of-network medical care charges, current billing practices, and have a significant impact on hospitals and urgent care centers providing services on an out-of-network basis. Dubbed protection for consumers against surprise medical bills and a way to control rising medical costs, The Out-of Network Consumer Protection, Transparency, Cost Containment and Accountability Act (A4444) comes after a decade of debate and failed efforts to curb out-of-network medical costs in the State, and is part of a rising national trend to do the same. Sponsors of the Act believe that this will create transparency and cap out-of-network charges which are generally understood to add to the costs throughout the system. Providers believe that the Act will force them to agree to fees that they may find unreasonable and will slant the playing field towards managed care providers. Key features of the Act include:

* Healthcare facilities and their physicians will be prohibited from billing a patient for out-of-network urgent care or emergency care in amounts that are greater than the patient’s insurance plan would allow for in-network services;

* Healthcare facilities and physicians will be required to give patients a statement that identifies the medical professionals providing the care, whether they are in network or not, and how much the procedure costs, at least 30 days prior to an elective procedure;

* Under the new bill, patients would not incur any out-of-pocket costs beyond what he would have paid in-network unless he “knowingly, voluntarily, and specifically selected an out-of-network provider.”

* The Department of Banking and Insurance will be authorized to designate an organization to gather and analyze healthcare cost data and create a health-price index for any given urgent or emergency care service;

* Healthcare facilities will be prohibited from billing an out-of-network patient’s insurance carrier for amounts exceeding 2.5 times the median price established by a health-price index for any given out-of-network procedure;

* Insurance companies and healthcare facilities will have the option of entering binding arbitration when they cannot agree on out-of-network costs;

* At least every 20 days, insurance carriers must publish an updated list of out-of-network providers.

* Penalties for hospitals and other healthcare providers ranging from $1,000 to $25,000 per occurrence for failure to comply with the Act.

A4444 is still in its infancy stages with the first Stakeholders’ meeting having taken place on May 22, 2015; lawmakers took comments from physicians’ groups, hospitals, consumer advocates, and other industry leaders, leading to a statement by the head of the committee overseeing health insurance that changes to the initial proposed bill would be made, though there is no indication as to the type of changes that will be made moving forward. Hospitals and healthcare facilities are advised to keep abreast of the legislative situation, and engage in the process as much as possible, because as written, A4444 has the greatest impact on healthcare providers. While leaders in the healthcare industry have offered mixed reactions to the proposed bill, healthcare providers are of the general consensus that A4444, as is, represents a gift to managed care entities that will have deleterious effects on the finances of hospitals and other healthcare facilities, and on their ability to negotiate with managed care entities.

In response to mounting concerns about the impact of A4444 and the perceived slant in favor of managed care entities, CarePoint Health recently proposed an alternative form of payment reform with the goal of finding a solution that can sustain the current health care system and provide equitable reimbursement for patients regardless of insurance status. In addition, The Medical Society of New Jersey has taken the physician-based position that all that is necessary to create valuable reform is to pay physicians fairly and provide fair contract terms that will encourage physicians to join networks, thereby dissipating the out-of-network issue.

Hospitals are advised to consider all of the potential impacts A4444 will have, and take a proactive approach to proposing alternative ideas for lawmakers to consider in shaping a bill that will be fair for insurance carriers and providers alike.

East Coast Gaming Congress To Address Cyber Security & Compliance

A new panel added to the lineup of the 19th Annual East Coast Gaming Congress will address the growing threat of cyber attacks in the context of online gaming. The Cybersecurity & Compliance panel will take place from 10:40 a.m. to 11:55 a.m. on Thursday, May 28 in Studio 1 at the Borgata Hotel & Casino in Atlantic City, N.J. The East Coast Gaming Congress, featuring the iGaming Institute, is being held May 27-28, 2015 at that location.

Online gambling providers experienced an unprecedented number of adverse cyber events in 2014, according to ECGC organizers. Industry leaders will discuss whether these are growing pains of online gaming, or a new frontier of casino risks. The panel will present a framework on avoidance and mitigation strategies against tomorrow’s digital adversaries.

Williams Hughes, Esq., partner, Cooper Levenson Attorneys at Law, will serve as moderator for the panel. Speakers will include Tom Brennan, president, NYC Metro Chapter, Open Web Application Security Project; Anthony Mongeluzo, president, Pro Computer Services; Michael Nelson, partner, DFDR Consulting; and David Weinstein, deputy director/cybersecurity advisor, New Jersey Office of Homeland Security and Preparedness.

Deputy Director Weinstein is New Jersey’s first Cybersecurity Advisor. He has been recognized by Forbes magazine as a “top cyber-policy expert” and his analysis and commentary have been featured in numerous media and academic publications, including the Georgetown Journal of International Affairs, the US Naval Institute’s Proceedings, Foreign Affairs, Foreign Policy, CNN.com, and The Boston Globe.

The East Coast Gaming Congress brings together key opinion leaders and stakeholders in gaming, from policymakers to legislators, gaming operators, advisors and suppliers. The East Coast Gaming Congress is the premier forum for gaming experts to share ideas, express concerns and articulate visions about the past, present and future of the gaming industry. For a full agenda, and more details about the East Coast Gaming Congress, visit http://www.eastcoastgamingcongress.com/events/.

The New Jersey Care Act: What Hospitals Need To Know

On May 12, 2015, the Caregiver Advise, Record, Enable (CARE) Act went into effect, 180 days after it was signed into law on November 13, 2014, making New Jersey the second state in the country to support family caregivers with legal mandates for identification, notification, and instruction given to caregivers on how to adequately care for loved ones who have been released from hospital care. The CARE Act enables hospitals to work cooperatively with a patient’s preferred caregiver to ensure every patient gets the level of care needed from that person with whom he or she feels most comfortable. Pursuant to the CARE Act, hospitals are now required to:

1. Provide every patient with the opportunity to identify a designated family caregiver upon admission;
2. Notify the designated caregiver once a discharge or transfer plan is in place; and
3. Provide the designated caregiver, prior to the patient’s discharge, with adequate in-person instruction

and/or training for the care of the patient following the patient’s discharge from the hospital.

Notably, and in recognition of New Jersey’s public policy favoring patient rights, the CARE Act requires hospitals to provide every admitted patient with the opportunity to identify a caregiver, but does not require a patient to designate one. Moreover, patients are permitted to withdraw their designation of caregiver at any time. Compliance with the CARE Act will benefit patients as well as hospitals since readmissions should be reduced as a result of a caregiver’s proper instruction and/or training.

Because approximately 1.7 million New Jersey residents currently care for loved ones at home, the law’s potential impact on hospitals is immense, particularly because compliance with the CARE Act implicates other areas of the law. Most notably, the requirement that hospitals provide designated caregivers with adequate instruction for the care of a patient following discharge from the hospital implicates privacy laws and HIPAA, as compliance with the CARE Act can involve the release of protected health information to the designated caregiver.

Effective Compliance with the CARE Act Includes Consideration of Caregiver Needs

Because the CARE Act was signed into law on November 13, 2014, but did not go into effect until now, hospitals should have already put into place policies and procedures to educate their staff on the law, to notify patients, to capture the necessary information, and to ensure that identified caregivers are properly trained. These processes can be responsive to data captured in various patient surveys, as well as other concerns including those identified in a research study conducted by the Rutgers Center for State Health Policy. This recent study entitled “Supporting Family Caregivers in New Jersey,” identifies specific areas in which caregivers would like additional assistance in carrying out their roles as caregivers. These areas include:

1. Additional information on available services and resources for the patient;
2. Education on the patient’s disease or ailment;
3. Mechanisms for coping with stress;
4. Improved communication with health care professionals.

Though the CARE Act does not explicitly require hospitals to provide any of the additional assistance identified by the Rutgers survey, hospitals are encouraged to consider the types of assistance identified by caregivers in reviewing and revising their policies to guarantee the hospital not only complies with the basic requirements of the Act, but also produces the most effective results which, in time, will reduce hospital readmissions and benefit the patient.

Review of Existing Hospital Policies and Consent Forms Necessary to Comply with CARE Act

As part of their regulatory compliance and due diligence processes, New Jersey hospitals must ensure that they understand what does and does not comply with the CARE Act and take appropriate steps to satisfy the law’s requirements, if they have not already done so. Hospitals are advised to take a proactive approach to assessing the effectiveness of policies and procedures already put into place. This may include the review and revision of all relevant hospital policies and forms, including admissions forms and general consent forms to ensure that they adequately reflect both the CARE Act’s requirements and caregivers’ needs. As part of a general overhaul of outdated hospital policies and forms, or as part of a targeted review in connection with the CARE Act, it can often be a simple task to bring relevant hospital policies and forms into current compliance with the CARE Act.

Talk to a skilled health care attorney near you and get the representation you need to get the compensation you deserve.