Beware New 'E-Prescriptions'

Electronic prescriptions may be the cure for a doctor's bad handwriting, but they also carry an unhealthy dose of legal risks for the ill-prepared. That's what health-care-law attorneys are advising the medical profession as it embraces “e-prescribing” ' a rapidly growing practice whereby doctors are ditching pen and paper to order prescriptions through cyberspace.

A Growing Trend

In 2007, more than 35 million prescription transactions were sent electronically, a 170% increase from the previous year, according to the Center for Improving Medication Management, and the eHealth Initiative. The number of health-care providers who write e-prescriptions was also expected to more than double last year, from 35,000 in 2007 to at least 85,000 by the end of 2008.

Proceed with Caution

Attorneys, meanwhile, are warning to proceed with caution, stressing that e-prescriptions open the door to liability on a number of fronts. If medical identity theft or data theft occurs, a doctor could be held liable because the theft occurred on his or her computer. If someone unauthorized to use the computer writes a prescription for him- or herself, a friend or a relative, the doctor could again be held liable for not safeguarding the system from unauthorized users. And if hackers pretending to be doctors get into a system and start filling prescriptions illegally, the software companies and hand-held device manufacturers could face liability for making an easy-to-hack product.

Even pharmacies could be held liable, lawyers note, if drugs go to the wrong people, for the wrong reasons, and prescription abuse is suspected. “I think there's liability to be had all around, which is why I think security and coding are becoming such major issues in this field,” said health-care law specialist Helenemarie Blake of Miami's Fowler White Burnett. Blake noted that another problem facing e-prescribers is the lack of uniform regulations and laws. “You don't have a general codification of how things should be done, and by what means,” Blake said. “You've got 50 different ways of doing things.”

E-Prescriptions and the Law

Currently, e-prescriptions are covered under the federal Health Insurance Portability and Accountability Act (HIPAA). All 50 states also have e-prescribing laws, but they vary state to state.

For example, California allows doctors to make generic versus brand-name substitutions online. Texas allows it, too, but when Medicaid is involved, a handwritten prescription must accompany a request for brand-name substitution. And in New York, a prescription change requesting a generic or brand-name switch must include handwritten initials by the doctor, who must also meet font and design requirements to make such changes online.

To limit their legal risks, doctors should avoid e-prescribing on hand-held devices or laptops, said Mary Jean Geroulo of Stewart Stimmel, a health care law firm in Dallas, who represents physician groups and hospitals. “We shouldn't even put information like that on laptops,” she warned. “That's living dangerously and it will get stolen.”

Tresa Baldas is a staff reorter for the National Law Journal, an Incisive Media sister publication of this newsletter, in which this article first appeared.

Electronic prescriptions may be the cure for a doctor's bad handwriting, but they also carry an unhealthy dose of legal risks for the ill-prepared. That's what health-care-law attorneys are advising the medical profession as it embraces “e-prescribing” ' a rapidly growing practice whereby doctors are ditching pen and paper to order prescriptions through cyberspace.

A Growing Trend

In 2007, more than 35 million prescription transactions were sent electronically, a 170% increase from the previous year, according to the Center for Improving Medication Management, and the eHealth Initiative. The number of health-care providers who write e-prescriptions was also expected to more than double last year, from 35,000 in 2007 to at least 85,000 by the end of 2008.

Proceed with Caution

Attorneys, meanwhile, are warning to proceed with caution, stressing that e-prescriptions open the door to liability on a number of fronts. If medical identity theft or data theft occurs, a doctor could be held liable because the theft occurred on his or her computer. If someone unauthorized to use the computer writes a prescription for him- or herself, a friend or a relative, the doctor could again be held liable for not safeguarding the system from unauthorized users. And if hackers pretending to be doctors get into a system and start filling prescriptions illegally, the software companies and hand-held device manufacturers could face liability for making an easy-to-hack product.

Even pharmacies could be held liable, lawyers note, if drugs go to the wrong people, for the wrong reasons, and prescription abuse is suspected. “I think there's liability to be had all around, which is why I think security and coding are becoming such major issues in this field,” said health-care law specialist Helenemarie Blake of Miami's Fowler White Burnett. Blake noted that another problem facing e-prescribers is the lack of uniform regulations and laws. “You don't have a general codification of how things should be done, and by what means,” Blake said. “You've got 50 different ways of doing things.”

E-Prescriptions and the Law

Currently, e-prescriptions are covered under the federal Health Insurance Portability and Accountability Act (HIPAA). All 50 states also have e-prescribing laws, but they vary state to state.

For example, California allows doctors to make generic versus brand-name substitutions online. Texas allows it, too, but when Medicaid is involved, a handwritten prescription must accompany a request for brand-name substitution. And in New York, a prescription change requesting a generic or brand-name switch must include handwritten initials by the doctor, who must also meet font and design requirements to make such changes online.

To limit their legal risks, doctors should avoid e-prescribing on hand-held devices or laptops, said Mary Jean Geroulo of Stewart Stimmel, a health care law firm in Dallas, who represents physician groups and hospitals. “We shouldn't even put information like that on laptops,” she warned. “That's living dangerously and it will get stolen.”

Tresa Baldas is a staff reorter for the National Law Journal, an Incisive Media sister publication of this newsletter, in which this article first appeared.