By the Kean Miller Medicare Compliance Team

CMS issued an Alert on November 15, 2016, concerning 2017 Recovery Thresholds.  On December 12, 2016, it issued another Alert regarding 2017 Reporting Thresholds.  CMS also updated its NGHP User Guide on January 3, 2017.

The effect of the Alerts:

Reporting Threshold:  $750.00 for liability insurance (including self-insurance), no-fault insurance, and workers’ compensation payments.

  • Liability:  If the Total Payment Obligation to the Claimant (“TPOC”) date is 1/1/2017 (or after) and the payment exceeds $750.00, the payment must be Section 111 reported.
  • No-Fault:  If the TPOC date is 10/1/2016 (or after) and the payment exceeds $750.00, the payment must be Section 111 reported.
  • Workers’ Compensation:  If the TPOC date is 10/1/2016 (or after) and the payment exceeds $750.00, the payment must be Section 111 reported.

Recovery Threshold:  Effective January 1, 2017, the recovery threshold is $750.00 for physical trauma-based liability payments.  This means that CMS may assert a right to recovery/reimbursement if the payment exceeds $750.00.  However, there is no monetary threshold for recovery/ reimbursement in ingestion, implantation or exposure cases.  CMS reserves the right to assert a recovery claim regardless of the amount of the payment in ingestion, implantation and/or exposure cases. 

The recovery threshold on workers’ compensation and no-fault payments remains $750.00 as long as the workers’ compensation or no fault entity does not otherwise have ongoing responsibility for medicals.


By Lee Vail, Ph.D., J.D.

On March 14, 2016, Environmental Protection Agency (“EPA”) proposed changes to the Risk Management Plan Program (“RMP”) Rule.  On January 13, 2017, the EPA published a new final rule.  This a second in a planned series that will address five major changes:  root cause analysis for near misses, third-party audits, inherently safer technology, emergency response, and availability of information.  The third party audit provisions are so significant that I must split it up into two topics, starting with privilege.

The proposed rule contained several provisions that reminded me of the poster hung for all to see in George Orwell’s 1984:  Big Brother Is Watching You.  Promulgation of the proposal would have resulted in submission of potentially flawed draft reports prepared by individuals with no prior knowledge of the facility that would end up in the regulating agency’s hands no later than the facilities; draft reports had to be retained.  For some reason, the EPA believed it was necessary to receive raw, unfiltered, and potentially incorrect conclusions.  Fortunately, all of this was dropped.  Interestingly, and to the alarm of many, the EPA also proposed to add:

The audit report and related records shall not be privileged as attorney-client communications or attorney work products, even if written for or reviewed by legal staff.  81 FR, 13638, 13707 (Mar 14, 2016)

In the final rule, the EPA deleted this provision limiting attorney-client privilege.  Ultimately, the EPA dropped this provision as they:

recognizes that the ultimate decision maker on questions of evidentiary privileges are the courts. Therefore, this rule does not contain a specific regulatory provision prohibiting assertion of these privileges.  81 Fed. Reg. at 4614.

I expect that the EPA did not remove the provision because they found public comments persuasive.  Ultimately they probably received good counsel that inclusion of the provision would have help naysayers strike down the rule. The EPA added, in no uncertain terms how they feel above screening internal deliberations based on privilege:

With regard to information that arguably should be protected under evidentiary privileges, EPA’s view is that the third-party audit reports and related records under this rule, like other documents prepared pursuant to part 68 requirements, such as process safety information, PHAs, operating procedures and others, are not documents produced in anticipation of litigation. With respect to the attorney-client communication privilege specifically, the third-party auditor is arms-length and independent of the stationary source being audited. The auditor lacks an attorney-client relationship with counsel for the audited entity. Therefore, in EPA’s view, neither the audit report nor the records related to the audit report provided by the third-party auditor are attorney-client privileged (including documents originally prepared with assistance or under the direction of the audited source’s attorney).  Id.

Given our litigious society, I would always consider conducting an incident investigation under attorney-client privilege.  I see no reason not to conduct future audits under privilege, but there is no certainty that a court would uphold the privilege (is there ever?).  The EPA reminds us in footnote #32 that they have authority to demand records under Section 114 of the CAA.  If maintaining control of a draft report is important to you (which it should), make sure you have and follow a retention policy that requires destruction of all draft reports.  Make sure to keep the support for the final report.  Contracts with third parties should include the return of all information, materials and drafts.

Next week:  the rest on third-party audits!

Man's Hands Signing Document --- Image by © Royalty-Free/Corbis

By Scott Huffstetler

Today, the United States Supreme Court decided to consider three decisions involving class-action waivers in employee arbitration agreements.  As background, many employers require employees to sign arbitration agreements.  In these agreements, employees give up the right to sue their employer and agree that all employment related claims will be subject to arbitration.  Many of these agreements contain class-action waivers, in which employees will agree only to bring employment related claims against the employer individually.  Essentially, by signing these agreements, employees waive their right to start or join class or collective actions.  These waivers are particularly important given the recent increase in class or collective employment suits brought against employers under the Fair Labor Standards Act (FLSA) and anti-discrimination laws.  These suits can be very costly and frustrating for employers.  The federal Fifth Circuit, which is the appeals court for federal courts in Louisiana, Mississippi, and Texas, upheld such a class-action waiver in NLRB v. Murphy Oil.  However, in two separate cases, the Seventh and Ninth Circuits, which are the appeals courts for federal courts in Illinois, Indiana, Wisconsin, Alaska, Arizona, California, Hawaii, Idaho, Montana, Nevada, Oregon, and Washington, held that such waivers violate the National Labor Relations Act’s (NLRA) protection of concerted activity.  The inconsistent law in this area has been troubling for employers with arbitration agreements, especially those operating in multiple jurisdictions.  Hopefully, the Supreme Court’s decision will provide needed clarity for employers who opt to have these agreements.



By Michael J. O’Brien

In an earlier blog post here we highlighted the facts in Island Operating Co., v. Jewell, et al., Civil Action No. 16-145, currently pending in the Lafayette Division of the Western District of Louisiana. The central issue in Island Operating is whether a contractor that provides personnel to perform work on the Outer Continental Shelf can be issued an Incident of Non-Compliance (“INC”) and/or a civil penalty by BSEE for a failure to comply with the safety and environmental duties imposed by the Outer Continental Shelf’s Lands Act (“OCSLA”) and Part 250 of the Code of Federal Regulations. In a trial ruling on the briefs, Judge Doherty held that the duty to comply with the safety and environmental standards under OCSLA flows only to a lease holder or a permit holder; thus, offshore contractors such as Island cannot be issued an INC or a civil penalty from BSEE. In a day in age when nearly every offshore platform is ran or maintained by contractors, the very agency created to regulate offshore platform safety has no authority to do so against those contractors, per Judge Doherty. And, her ruling appears to be legally sound given the actual language of OCSLA.

Prior to this ruling, only two legal writings really touched on this issue, though neither of which boiled it down as succinctly and straightforwardly as Judge Doherty. First, in 2012, the Director of BSEE issued Interim Policy Document No. 12-07 (effective August 15, 2012) stating that BSEE would increase its INC’ing of contractors for serious violations of BSEE regulations. This came as a direct result of the Deepwater Horizon incident. The Director stated that it was BSEE’s position that any person performing an activity under a lease issued or maintained under OCSLA was subject to BSEE’s regulations and compliance, including contractors. His statement was based presumably in part on 30 CFR §250.146(c), which broadly encompasses contractors performing such activities. Second, Judge Milazzo from the EDLA recently held that the BSEE regulations could not serve as a basis for criminal penalties against contractors, though she only acknowledged that BSEE civil and regulatory authority over contractors had not yet been established. She was the first to affirmatively say that the OCSLA regulations did not extend to contractors, but her holding was in a criminal context and her analysis was heavily focused on the regulations rather than OCLSA. The USA has appealed her ruling to the U.S. 5th Circuit, which has extended briefing to respond to Judge Doherty’s recent ruling.

Judge Doherty, however, started her analysis with the language of OCSLA itself. Judge Doherty’s opinion focused on three sections of OCSLA. She first highlighted 43 U.S.C. §1332 (entitled: “Definitions”) that determines which types of juridical entities are subject to the entire act. Specifically, Section 1332 provides that “persons” are subject to the act, and they are defined as (in addition to a natural person) an “association, estate, a political subdivision of a state, or a private, public, or municipal corporation.” Next, Judge Doherty examined 43 U.S.C. §1348(b) (entitled: “Enforcement of Safety and Environmental Regulations”) which identifies which “persons” a duty is imposed as to safety and environmental issues, namely the duty to maintain all places of employment in compliance with occupational health and safety standards. Based on the plain language of the Section 1348, the duty to maintain places of employment and operations within the area of a lease or permit in compliance with safety, health, and environmental regulations falls – on “any holder of a lease or permit” granted under OCSLA. Section 1348 does not list any other types of party upon whom that duty falls. Last, Judge Doherty noted that 43 U.S.C. § 1350 (entitled: “Remedies and Penalties”) delineates the type of penalties allowed against those who violate the safety and environmental issues.

Reading these three statutes together, Judge Doherty held that a party who is neither a lease holder nor permit holder, such as Island, is not identified in 43 U.S.C. §1348 as having a duty related to environmental and safety standards. Accordingly, Island cannot be found to have violated a duty with which it is not charged. Further, Island cannot be subject to a regulatory penalty or fine from BSEE. According to Judge Doherty, “OSCLA’s plain language, when read in context, is clear, and does not embrace contractors, such as Island within the duty created by §1348(b).” Only lease holders and permit holders are therefore subject to OCSLA’s mandates.

Without OCSLA governance, offshore contractors are similarly not subject to Part 250, which are simply OCSLA’s implementing regulations. This is so despite the express language contained in §250.146(c) that applies the duty to any person who performs an activity on the OCS under a lease. However, Judge Doherty emphasized the distinction between the authorizing statute (OCSLA) and its implementing regulations (Part 250). She held that the regulations used to simply implement the statute cannot expand the scope of the statute beyond what the statute itself provides. As was also supported by the legislative history, OCSLA clearly does not include contractors within its scope, and thus, the BSEE regulations must be confined to that scope.

Judge Doherty’s decision that BSEE does not have the authority to enforce OCSLA’s regulations against a non-lease holder or non-permit holder will have far reaching consequences given BSEE’s recent history of issuing INC’s and civil penalties to contractors for accidents and injuries on the Outer Continental Shelf. Though it remains to be seen how BSEE will react to this decision in other jurisdictions, at least according to Judge Doherty, BSEE can only issue INC’s and civil penalties against the lessees and permit holders, i.e. – platform owners. Operators can neither be INC’ed nor fined. It is almost a certainty that BSEE will appeal this decision to the United States Fifth Circuit Court of Appeals. At a minimum, this decision should serve as the basis for appeal of any BSEE INC’s issued to contractors going forward. We will soon publish another article addressing the potential implications of this decision (or any future 5th Circuit decision) on other aspects of contractor liability on the OCS and certainly continue to monitor this case as it makes its way through the appeals.

The United States Environmental Protection Agency in Washington DC. (Photo by: Loop Images/UIG via Getty Images)

By R. Lee Vail, P.E., PH.D.

On March 14, 2016, Environmental Protection Agency (“EPA”) proposed changes to the Risk Management Plan Program (“RMP”) Rule. On December 21, 2016, the EPA disclosed its changes via a Pre-Publication Copy.  A series of blogs are planned to address five major changes: root cause analysis for near misses, third-party audits, inherently safer technology, emergency response, and availability of information. This blog addresses the first revision: root cause analysis for near misses.

The actual language of the incident investigation requirement has not changed significantly as a facility always was required to “investigate each incident which resulted in, or could have resulted in a catastrophic release of a regulated compound.” 40 CFR 68.81(a). The revised rule basically says the same thing except that it describes the concept “could have resulted in a catastrophic release” by relating said comment to an undefined term: “near misses.”[1] Citing its own 1996 response to comments, according to the EPA, “the range of incidents that reasonably could have resulted in a catastrophic release is very broad and cannot be specifically defined.” The EPA declined to add a definition in this rule making. So what is a near miss?

EPA appears to rely on a vague Center for Chemical Process Safety (“CCPS”) definition that describes a near miss in terms of an event that could have resulted in catastrophic release “if circumstances had been slightly different.” With this as a starting place, the EPA provided several examples of near misses:

  • a runaway reaction that is brought under control by operators is a near miss that may need to be investigated to determine why the problem occurred, even if it does not directly involve a covered process because it may have led to a release from a nearby covered process or because it may indicate a safety management failure that applies to a covered process at the facility;
  • fires and explosions near or within a covered process;
  • any unanticipated release of a regulated substance; and
  • some process upsets.[2]

If not completely clear by the examples, the EPA added that “near misses should also include incidents at nearby process or equipment outside of a regulated process if the incident had the potential to cause a catastrophic release from nearby regulated equipment.” This could result in mandatory RMP incident investigations of utility systems such as power and steam generation.

So what isn’t a “near miss?” Unfortunately, all we have from the EPA is “the intent is not to include every minor incident or leak, but to focus on serious incidents that could reasonably have resulted in a catastrophic release, although EPA acknowledges this will require subjective judgment.” Regardless of examples, the salient point is that the event could have resulted in a catastrophic release. Is that not what the original rule said? As such, lifting of a relief valve that is routed to a properly designed and operated flare would not be expected to have reasonably resulted in a catastrophic release. Some processes are inherently unstable and result in frequent “runaway reactions.” In these cases, the process design probably contains multiple layers of protection. Using a layer of protection, by itself, should be insufficient to declare a near miss.

I also question the EPA’s sole reliance on subjective judgment. “Minor releases” could be objectively defined (e.g., less than a reportable quantity). Whereas a Title V deviation may occur if a control device operates at 99% efficiency instead of the required 99.5%, such can objectively be shown not to result in a possible catastrophic release.

One thing is clear; facilities need to consider, document and follow subjective and objective criteria to define incidents that could have resulted in a catastrophic release. Examples provided by the EPA should be appropriately addressed. Ultimately it may add clarity to minimize use of the undefined term “near miss” as it is ultimately introduced in terms of an incident that could have resulted in a catastrophic release (which is nothing new).  Also clear, the new rule did anything but add clarity.


[1] To further confuse the issue, the EPA related the undefined term to the concept using the Latin based phrase “i.e.,” which is translated as “namely” or “that is to say” and then states within the preamble, that “near miss is an example of an event that could have reasonably resulted in a catastrophic release.” Typically the Latin based term “e.g.,” is used to introduce examples. Is an event that could have reasonably resulted in a catastrophic release and example of a near miss or is that the de facto definition?

[2] The EPA further cites the CCPS concerning the investigation of process upsets to include: excursions of process parameters beyond pre-established critical control limits; activation of layers of protection such as relief valves, interlocks, rupture discs, blowdown systems, halon systems, vapor release alarms, and fixed vapor spray systems and activation of emergency shutdowns.

The United States Environmental Protection Agency in Washington DC. (Photo by: Loop Images/UIG via Getty Images)

By Lee Vail

On March 14, 2016, Environmental Protection Agency (“EPA”) proposed changes to the RMP Rule . On December 21, 2016, the EPA disclosed its changes via a Pre-Publication Copy.

In the proposed rule, the EPA essentially agreed that the scope and trigger for post incident investigation was not universally understood or applied. The final rule includes an explicit requirement to include a “root cause” analysis “of catastrophic releases and near miss events and to have the findings of these investigations integrated into the PHA.” The EPA chose not to change the definition of catastrophic release, but instead added guidance to “clarify” which release would be considered catastrophic (including near misses) and which would not. The EPA added that incidents in nearby non-RMP regulated units could be a near miss. Incident investigations must be complete within a twelve month period.

EPA also declined to add a definition for the term “near miss,” although added the circular comment that it was “an example of an event that could reasonably have resulted in a catastrophic release.” Whereas the agency decided not to require classification for events within the five year accident report, the root cause requirement also applies to decommissioned or destroyed processes.

The EPA retained the requirement for certain facilities to conduct a safer technology and alternatives analysis (“STAA”) as part of a Process Hazard Analysis (“PHA”). The EPA revised the evaluation criteria from “feasibility” to “practicability” of any inherently safer technology (“IST”) identified. This requirement is limited to processes in NAICS 322 (e.g. paper manufacturer), 324 (e.g. petroleum refining), and 325 (e.g. chemicals manufacturer).

The revised rule retained mandatory third-party audits following an accident meeting the five-year accident history criteria or based on non-compliance with the compliance audit requirements. In the final rule, the EPA modified some of the independence requirements and eliminated the necessity that the team include a Professional Engineer. Facilities may engage a third party firm or hire a third-party individual to lead a team of employees or other non-independent individuals. EPA deleted the requirement that the auditor keep copies of records (including drafts). Audits can be conducted under attorney client privilege.

These and other changes will be further examined in future blogs. So please stay tuned.


By Jennifer J. Thomas

Recognizing the global problem of abuse and addiction to opioids, the Louisiana Legislature and the Louisiana Board of Pharmacy have enacted legislation and regulations to provide for the prescribing, dispensing and administration of Naloxone, an opioid antagonist.

In 2014, the Louisiana Legislature passed legislation authorizing “first responders” (peace officers, firefighters, EMS practitioners) to receive a prescription for Naloxone and maintain the Naloxone in the first responder’s possession for administration to any individual who is undergoing or who is believed to be undergoing an opioid-related drug overdose. The first responder is required to complete training necessary to safely and properly administer Naloxone including: techniques on how to recognize symptoms of an opioid-related overdose; standards and procedures for the storage and administration of Naloxone; and emergency follow-up procedures. First responders are immune from civil liability, criminal prosecution or disciplinary action under any professional licensing statute as a result of the administration of the Naloxone unless personal injury results from the gross negligence or willful or wanton misconduct of the first responder administering the drug.

During the 2016 legislative session, the Louisiana Legislature expanded the use of Naloxone and other opioid antagonists by authorizing a licensed medical practitioner, either directly or by standing order, to prescribe or dispense Naloxone without having examined the individual to whom it may be administered if: (1) the practitioner provides the individual receiving and administering the Naloxone or other opioid antagonist all the training required by the Louisiana Department of Health (“LDH”) for safe and proper administration of Naloxone; and (2) the Naloxone or other opioid antagonist is prescribed or dispensed in such a manner that it shall be administered through a device approved for this purpose by the United States Food and Drug Administration. Like first responders, licensed medical practitioners are granted immunity from civil liability, criminal prosecution, or disciplinary or other adverse action under any professional licensing statute. The 2016 legislation also authorized licensed pharmacists to dispense Naloxone or other opioid antagonists that is prescribed, directly or by standing order, as provided for in the rules promulgated by the Louisiana Board of Pharmacy. A licensed pharmacist who, in good faith, dispenses Naloxone or other opioid antagonists shall not be subject to civil liability, criminal prosecution or disciplinary or other adverse under any professional licensing statute.

The Louisiana Board of Pharmacy (“LBP”) has published in the Louisiana Register Declarations of Emergency providing for standing orders for the distribution of Naloxone. The first Emergency Rule was effective August 10, 2016, but because the LBP needed additional time, it directed the reissuance of the original Emergency Rule effective December 7, 2016. The Emergency Rule provides for the issuance by a Louisiana-licensed medical practitioner of a nonpatient-specific standing order for the facilitated distribution of Naloxone or other opioid antagonists. The standing order shall expire one year after the date of issuance. A Louisiana-licensed pharmacist may distribute Naloxone or other opioid antagonist according to the terms of the standing order until the one-year expiration of the standing order. Before Naloxone or other opioid antagonist drug product can be released to the recipient, the pharmacist shall verify the recipient’s knowledge and understanding of the proper use of the drug product including: (1) techniques on how to recognize signs of opioid-related drug overdose; (2) standards and procedures for the storage and administration of the drug product; and (3) emergency follow-up procedure including the requirement to summon emergency services either immediately before or immediately after administrating the drug product to the individual experiencing the overdose. The pharmacist is required to attach a copy of the standing order to the invoice or other record of sale or distribution of Naloxone or other opioid antagonist and shall store the transaction documents with the other distribution records in the pharmacy.

LDH has promulgated the Final Rule setting forth the best practice training requirements by licensed medical practitioners. Training includes: signs of overdose; signs of overmedication; instructions for storage and administration; and referral to the Substance Abuse and Mental Health Services Administration’s (“SAMHSA”) opioid overdose toolkit. Licensed medical practitioners shall instruct persons administering the opioid antagonist to immediately call 9-1-1 for medical assistance. Once the person is stable by emergency medical services, the treating practitioner is required to refer the patient to substance use treatment services. In the Final Rule, LDH strongly encourages prescribers to co-prescribe Naloxone or another opioid antagonists once in a given year to persons receiving opioid therapy for greater than 14 days.

The promulgation of the legislation and regulations increasing access to potentially life-saving medication will hopefully reduce the number of deaths resulting from opioid overdose in Louisiana.



By Jessica Engler

Continuing the trend from 2015, 2016 has seen a significant number of large, public data breaches. Many of these breaches involved high-profile companies such as the Democratic National Convention, Internal Revenue Service, MySpace, Yahoo!, and Anthem. Since large corporate and government breaches typically get the most attention, many smaller, local businesses can be lulled into a false sense of security, believing that those who do hack and steal data are not interested in their business. However, in 2016, hacker targeting of small businesses increased from 34 percent to 43 percent.[1] Small businesses, including the construction industry, are at risk.

The construction industry is becoming increasingly more connected. In addition to storage of confidential data on computers, many design and construction software systems—like BIM, Revit, Procore, and Aconex—have remote access controls or Internet-connected capabilities. As a company grows more technologically-savvy, the risk of breaches becomes more inherent. This memorandum will answer some basic questions for construction companies regarding data privacy issues. For specific advice regarding individual, company-specific questions, inquirers should seek the assistance of an attorney experienced in data privacy.

I am not MySpace or the IRS—why would a hacker be interested in my business?

Construction companies are often just as reliant on IT and computers as any other business. Construction companies—especially smaller ones—often do not think they are a target, so any protective measures currently in place may be easier to permeate. Several reasons why a hacker may be interested in you include:

Valuable Personally Identifiable Information Data: The vast majority of hacks are made for financial gain. If you use computers at all in your businesses, it is likely that you have confidential data stored on that computer that would be valuable to a hacker. Though you may not have as much personally identifiable information as a financial institution, you likely still have employee information (e.g., Social Security numbers, bank accounts for payroll, healthcare information, etc.) that could be worth money.

  1. Valuable Non-Personal Data: A construction companies often have access to certain proprietary client documents including project bid data, architectural designs, trade secrets, and other intellectual property. A hacker may also target general information about the company’s banking, accounting data, and policies in order to orchestrate social engineering or phishing schemes to have an employee send the hacker valuable data or unwittingly transfer corporate funds/assets.
  2. Access to Private Client Information: At times, the hacker is interested in accessing a client of the company, rather than the company itself. In 2013, approximately 70 million customers’ data was released by retail giant Target through malware installed on credit card machines. The hackers’ access to Target’s network was obtained indirectly through Fazio Mechanical Services, Target’s HVAC vendor, which had Target network credentials.[2] Through Fazio’s credentials, the hackers were able to cross into Target’s network to install the malware.
  3. Extortion: Ransomware is a type of malware designed to block off access to data stored in a computer system until money is paid (typically in bitcoin) to the hacker. When access is blocked—typically through encryption—the data may be lost if the victim does not pay the ransom and the victim does not have the data backed-up.

I don’t buy it. Name a construction company who has had a breach.

In early 2016, Turner Construction was targeted by a spear-phishing[3] scam wherein an employee emailed tax information on current and former employees to a fraudulent email account.[4] The tax information included full names, Social Security numbers, states of employment and residence, and tax withholding data for 2015. Hackers had manipulated, or “spoofed”, the “From” field in the email to the employee to make the email look like it was from a legitimate sender. This scam was a common scam during the 2016 tax season in order to obtain information used to file fraudulent tax returns.

Whiting-Turner Contracting (Baltimore), Central Concrete Supply Company (California), Century Fence (Wisconsin), Trinity Solar, and Foss Manufacturing were also recent victims of this scam.[5]

Are breaches really that big of a deal?

Data breaches can be very costly for a business. Depending on the type of data breached, a breach can cause loss of business and clients, reputation damages, loss of goodwill, decline in share value, increased legal and technological costs, and potential fines. Some businesses are never able to recover from a breach.

Additionally, even when a company can recover, it will often still have incurred significant costs due to business interruption. Depending on when the data incident occurred, a construction company may also be facing the risk of delay damages.

Yikes, that sounds expensive. What can I do to guarantee I will never be breached?

Unfortunately, there really is no way to “guarantee” that you will never be a target of a hacker. “Most security experts believe that it is a matter of when, not if,” your company will be targeted by hackers.[6] However, there are some actions you can take today to reduce your risk:

  • Identify your company’s valuable, private, and/or confidential information and know where that information is located on your network. Block off access to anyone who does not need that information to perform their job duties;
  • Work with your IT provider to ensure the company and its employees have strong password controls, any necessary encryption, current firewalls, updated security patches, and other recommended protections;
  • Consider using a third-party IT consultant to evaluate your system and identify any holes or vulnerabilities that your in-house IT personnel may have missed;
  • If using a subcontractor or other third party service provider that will have access to your network, establish procedures to evaluate those contractors;
  • Train employees to be aware and vigilant of risks and their role in protecting company data and assets; and
  • Create a plan of action in the event of a data incident.

A number of these steps and further actions to help protect your data can be undertaken with the help of legal counsel.

I have CGL insurance. Wouldn’t this be covered under my insurance?

It depends on the terms of your policy. In 2014, the Insurance Services Office, Inc. (the insurance industry organization that develops standard policy forms adopted by many insurance companies) issued a new form for CGL policies that expressly excludes coverage for data incidents.[7] Consultation with legal counsel can help you determine whether your current insurance coverage will provide coverage during a data incident.

If your CGL policy or any other policy leaves you without coverage for a data incident, you may want to consider purchasing cyber liability insurance. This relatively new form of insurance can provide coverage for costs associated with a data breach, including (depending on the terms of your policy) business interruption expenses, cyber extortion demand payments, legal expenses, IT forensic team expenses, cost of notification, and/or credit monitoring for affected persons.

I have been breached. What do I do?

If you have been breached, immediately contact your incident response team assigned in your incident response plan. If you do not have an incident response plan in place, contact your IT professionals and legal counsel. Many notification laws require that notice be given to affected persons and other state and federal agencies within certain time-frames, so it is important to have counsel retained in order to respond quickly and appropriately.


[1] Symantec, Internet Security Threat Report: Vol. 21 (Apr. 2016) (available at

[2] Target Hackers Broke in Via HVAC Company, Krebs on Security (Feb. 5, 2014) (available at

[3] Phishing is a type of email scam wherein the victim receives an email from someone who is pretending to be another person or entity, believes that the email is legitimate, and typically sends assets or information to the scammer based upon that mistaken belief. A well-known phishing scam is the “Nigerian Prince” scam. Spear phishing is a more targeted version of phishing. In a spear-phishing email, the scammer pretends to be a friend, family member, or co-worker. Because the email appears to be from someone the recipient knows, the recipient is often less vigilant in evaluating the legitimacy of the email. 

[4] Turner Construction Data Breach Notification Letter, State of California Department of Justice, Office of the Attorney General (last accessed 12/14/16) (available at

[5] Data Breaches, Cyber Security, and the Construction Industry, (May 2, 2016) (available at

[6] Data Breaches, Cyber Security, and the Construction Industry, (May 2, 2016) (available at

[7] Marla Kanemitsu & Erin Webb, Reviewing Emerging Insurance Protection for Cyber Risks, Security Magazine (Apr. 1, 2014) (available at


Tugboat sailing in a stormy day off the Portuguese coast during its activity of oil tankers and other ships support

By Michael J. O’Brien

The doctrine of maintenance and cure mandates that an employer pay an injured seaman a per diem living allowance for food and lodging comparable to what the seaman was entitled to while at sea. The injured seaman is also entitled to payment of medical expenses incurred in treating an injury or illness. The duty to pay maintenance and cure extends until the seaman has reached maximum medical improvement (MMI). However, the point at which a seaman reaches MMI can be a thorny issue, particularly since punitive damages are available to a seaman whose employer has arbitrarily and capriciously terminated maintenance and cure benefits. Many employers will request an independent medical examination (IME) to assist in the investigation of whether the seaman has reached MMI. Quite often, an employer will terminate maintenance and cure based on the opinions of the IME physician, expecting that its reliance on the medical opinion of the expert medical professional would not be arbitrary or capricious. Unfortunately, a recent decision by Judge Carl Barbier of the Eastern District of Louisiana demonstrates that an employer that terminates maintenance and cure benefits simply because an IME physician opines that a seaman has reached MMI does so at its own peril.

In Weeks Marine, Inc. v. Rodney Watson, 2016 WL 3027430 (E.D. La. May 27, 2016), Watson claimed to have been injured on September 24, 2014, when he was struck by a large steam table that toppled over in the galley in rough seas. On September 27, 2014, Watson was taken to a North Carolina physician with complaints of left hip and knee pain. Next, Watson was evaluated by an orthopedist on October 2, 2014. An MRI was recommended to investigate possible knee ligament or meniscus damage. His employer refused to authorize or pay for this diagnostic test. Thereafter, on October 16, 2014, Watson returned home to Louisiana and began treating with a local orthopedic surgeon. An IME was performed on January 15, 2015 by a physician chosen by Watson’s employer. The IME physician opined that there were no objective findings or a need for additional medical treatment. The IME physician also found Watson to be at MMI. Based on the opinions of the IME physician, Weeks terminated Watson’s maintenance and cure benefits on January 15, 2015.

Watson continued to treat with his choice of his physician who never found him to be at MMI. Eventually, Weeks contacted Watson and ordered him to return to the vessel and resume his duties. Watson refused due to his ongoing physical symptoms and he was terminated. Watson then retained an attorney and began treating with a Houston, Texas orthopedic surgeon. MRI studies revealed possible injuries to the left knee as well as to the cervical and lumbar spine. At his employer’s request, Watson returned to the IME physician on June 15, 2015, for his own MRI. The MRI was reported as normal, and Weeks declined to reinstate either Watson’s maintenance or cure.

As of Watson’s last medical appointment with his Houston orthopedist, it was recommended that he undergo a two-level cervical disc fusion, left knee arthroscopy, a radio frequency neurotomy procedure, and continued observation. The Houston physician further related the need for this treatment and surgery to the September 24, 2014 vessel incident. As of the date of trial, Weeks had not paid any medical bills since January 15, 2015 (the date of the first MMI opinion by the IME physician). Unpaid medical expenses were $56,582.00. The parties stipulated that accrued maintenance was payable at $20 per day and totaled $9,340 as of May 17, 2016.

Procedurally, Weeks filed a Complaint for Declaratory Judgment declaring that it was not obligated to make maintenance and cure payments beyond January 15, 2015. Watson responded by filing a Complaint for Damages alleging negligence under the Jones Act, unseaworthiness of the vessel, and compensatory and punitive damages for Weeks’ willful failure to pay maintenance and cure. The two Complaints were consolidated for a bench trial.

Following the bench trial, Judge Barbier held that Weeks was negligent and the vessel unseaworthy. There was no comparative negligence on the part of Watson. Judge Barbier further found that there was credible medical evidence that Watson required a two-level cervical fusion at the cost of $125,000, as well as a left knee arthroscopy and lumbar radiofrequency neurotomy.

In deciding the issue of punitive damages, Judge Barbier reiterated that the maintenance and cure duty must be liberally interpreted for the benefit and protection of the seaman. Any ambiguity or doubt related to maintenance and cure must also be resolved in favor of the seaman. He highlighted that the ship owner bears the obligation to investigate a seaman’s maintenance and cure claim and examine all medical evidence in determining whether maintenance and cure is owed. Further, if a ship owner unilaterally decides to stop paying maintenance and cure and the seaman reasserts his rights by bringing action against the ship owner, the ship owner meets his burden of proof only by providing “unequivocal evidence” that the seaman has reached MMI. See Johnson v. Moreland Drilling Co., 893 F.2d 77, 79 (5th Cir. 1990). Critically, Judge Barbier held that a second opinion contrary to the treating doctor’s opinions regarding diagnosis or prognosis of an injured seaman does not provide the unequivocal evidence required for termination of maintenance and cure benefits. This is in contrast to the existing case law out of the EDLA that has found a Jones Act employer was not arbitrary or capricious when it terminated maintenance in cure based upon its IME doctor’s MMI opinion that conflicted with the treating physician’s opinion. See Great Lakes Dredge and Dock Co. v. Martin, 2012 WL 3158870 (E.D. La. 2012) (Lemelle); Lodrigue v. Delta Towing, LLC, 2003 WL 22999425 (E.D. La. 2003) (Vance). That being said, each case must be evaluated on its own facts.

Based on this rationale, Judge Barbier found that the employer arbitrarily terminated Watson’s maintenance and cure benefits on January 15, 2015. Indeed, Judge Barbier put no faith in the opinion of the IME physician and rejected the physician’s “incredible and biased testimony at trial.” Thus, in addition to his other damages, Watson received $100,000 in punitive damages for willful failure to pay maintenance and cure as well as $50,000 in attorney’s fees incurred for his maintenance and cure claim.

This decision will be well known in the maritime plaintiff’s bar and used to threaten similar claims for punitive damages when a Jones Act employer relies heavily on its IME physician’s opinion in terminating maintenance and cure benefits. While specific circumstances in this case certainly affected the analysis, Jones Act employers should proceed with caution before terminating benefits on the basis of their own IME in light of this decision.

Venice, Italy - May 20, 2016: Construction site for the realization of the movable bulkheads system called MOSE to save Venice from tides.

By R. Chauvin Kean

On October 19, 2016, the Louisiana Third Circuit Court of Appeal in Guidry v. ABC Ins. Co., 2016-61 (La. App. 3 Cir. 10/19/16); — So. 3d — affirmed that a welder injured while assisting in the construction of a bulkhead in Grand Isle, LA was a seaman and that the floating mat on which he was injured was an appurtenance of the barge.

Plaintiff, Ernest Guidry, was hired as a welder for Tanner Services, LLC, which was awarded a contract to construct a bulkhead made of king and sheet piles. The contract involved a land division and a marine division. Plaintiff was assigned to the marine division in order to assist in the welding of the various metal sheet piles as they were lowered via a crane barge stationed adjacent to the construction site. The marine division consisted of two tugs and three barges from which operations were centered.

The vast majority of Plaintiff’s work was spent on a “floating mat,” which was described as a raft or floating scaffolding that was affixed to the various piles via ropes, that were used to relocate and move the mat along the bulkhead as construction progressed. At various times, when necessary, the mat was lifted by the barge’s crane and stored on its deck. Plaintiff spent approximate 50-60% of his time on the floating mat, 30-40% of his time on the barge, and 10% on land.

During construction operations, a steel pile vibrating hammer, being lifted by the crane on the barge, fell onto Plaintiff as he worked on the floating mat below. Plaintiff suffered numerous injuries and filed suit for seaman benefits under the Jones Act and was awarded general and special damages. Plaintiff’s employer, Tanner Services, LLC, appealed.

Examining the trial court’s determination that Plaintiff was a seaman under Chandris, Inc. v. Latsis, 515 U.S. 347, 368 (1995), the Third Circuit affirmed the holding based upon his duration of work on the barge and the floating mat. The Third Circuit also found that Plaintiff’s “duties contributed to the barges’ mission and function, the building of the bulkheads, and thus making them inherently vessel-related and fulfilling of the substantial nature requirement of the Chandris test.”

The most interesting portion of this opinion was the court’s determination that the floating mat was an appurtenance of the barge/vessel. Generally, “an appurtenance is any identifiable item that is destined for use aboard a specifically identifiable vessel and is essential to the vessel’s navigation, operation, or mission.” Clay v. ENSCO Offshore Co., 146 F. Supp. 3d 808, 813 (E.D. La Nov. 19, 2015). In Drachenberg v. Canal Barge Co., Inc., the seminal case from which the Fifth Circuit relied on two prior U.S. Supreme Court cases to base its opinion, the court announced various factors that could be used to determine if a piece of equipment was in fact an appurtenance to a vessel. 571 F. 2d 912, 918-21 (5th Cir. 1978). The guiding principle is predicated on the principle that one extending credit to a vessel has the right to assume that the entire vessel, including all her equipment essential to her function and mission, stands as security for the debt. Thus, the appurtenance must be essential to the vessel’s mission and purpose for which it was hired and must be used in conjunction with the vessel’s primary function at the time of the accident.

One essential element that was lacking in this case that is typically found in other appurtenance designations is physical connection to the vessel at the time of the accident. Although not essential to such determination, the U.S. Fifth Circuit has relied on the connection factor to determine that a piece of equipment that is temporarily attached to a vessel was so integral to the operations that it was in fact an appurtenance of the vessel. See, Drachenberg, 571 F. 2d at 920-921. Here, there are no facts in the opinion discussing whether the floating wooden mat was affixed to the barge at the time of the accident. In fact, the case facts state that the mat was primarily “tethered” to the bulkhead and moved by the rope system, without the mention of the barge’s interaction. The only mention of the mat’s physical connection to the barge is when, for certain reasons, the crane atop the barge would, on occasion, lift the mat out of the water for storage. Thus, this finding by the Louisiana Third Circuit greatly extends the classification of vessel appurtenances; mere wooden boards placed together to act as a platform adjacent to the bulkhead, without physically connection to the vessel at the time of the accident, was deemed an appurtenance of the vessel.

Ship owners and operators should take notice that the Louisiana Third Circuit has found that physical connection to a vessel does not necessarily determine if a piece of equipment is an appurtenance of a vessel. Here, the court held that but for the use of the floating mat, the bulkhead construction operations could not have been completed as tasked. This determination was amplified by a company representative’s testimony that declared that the mat was essential to the operations.

The consequence of ruling that the mat was an appurtenance to the vessel allowed the court to determine that all time spent on the floating mat could be contributed to the employee’s status as a seaman: his time and substantial connection to the vessel and its mission. Thus, because of the time Plaintiff worked “on the vessel” and its “appurtenance,” the employee was deemed a seaman. If appealed, the Louisiana Supreme Court may still find that Plaintiff was a seaman based upon Mr. Guidry’s percentage of time spent on the barge; thus, further appeal may not occur. This opinion is yet another example of the Louisiana Third Circuit developing new and more liberal views on maritime related issues in recent years.