Debra Rose worked for a company which provided health benefits to its employees. Due to severe illness, she needed a liver transplant. The company handling the health claim required Debra to sign an authorization; with that authorization, the claim management continuously notified Debra’s employer of her health status without her express permission. Once Debra’s employer learned of her dire medical condition and the increased expense they would incur to continue coverage of her health benefits, she was fired. Debra brought a claim against the claim management company for invasion of privacy and unfair business practices. The case is pending in the district court in California. Rose v. HealthComp, Inc., 2015 U.S. Dist. LEXIS 104706 (E.D. Cal. Aug. 10, 2015).
Debra’s claim was brought under state law but the claim administrator tried to dismiss it as preempted by ERISA. Debra alleged that the claim management company received private health information while performing case management duties under the health plan and improperly disclosed them to her employer. She alleges that by providing personal health information to her employer the claim administrator did not act solely in the interest of the employees and the beneficiaries but rather in the “competing interest of the employer, to provide the employer with notice that the employee would likely be incurring high medical costs”. The court agreed that Debra’s privacy and unfair business practice cause of action could be brought as a breach of fiduciary duty under ERISA but decided that California’s Constitution providing a right of privacy was violated and this violation is not preempted by ERISA because it arises independent of ERISA or the plan.
This case is reminiscent of another right of privacy case for a disabled employee, brought in California, Dishman v. Unum Life Insurance Company of America, 269 F. 3d 974 (9th Cir. 2011). In that case, while on claim, Dishman’s privacy was invaded by an investigative firm who conducted surveillance, elicited private information about Dishman’s employment status by falsely claiming to be a Bank Loan Officer, solicited information from neighbors and friends, obtained credit information by impersonating him and committed other false acts. The 9th Circuit Court of Appeals in Dishman decided that this conduct was an independent tort committed by this company and thus Dishman could continue her lawsuit against them in state court. The court’s turning point was use of the “but for” test, which means that if the cause of action would remain independent of a claim for benefits under ERISA then the state law cause of action was proper. In this case, the state law cause of action for disclosure of plaintiff’s medical information would exist regardless of the case management undertaken in administering the health plan.
The takeaway from these cases is that ERISA does not provide a cloak of protection against a third party’s tortious actions. If the surveillance company, investigator, or even third party claim administrator violates your rights, an action separate from the ERISA claim may be viable. We at Bonny G. Rafel, LLC as the Voice of the Disabled, often uncover actions by third parties performing investigations of our disabled clients that shocks us. It is wonderful that the courts are recognizing this private cause of action is not preempted (or prevented) by ERISA. While we keep a close watch on authorizations signed by our clients, and cross out items such as “bank statements”, “driving records”, which is completely irrelevant to a disability claim and invasive! We inform our clients to keep social networking to a minimum as investigators can be relentless in their pursuit of some evidence to malign the credibility of our clients.