Travelers Fails to Pull a Rabbit out of its Hat and Must Defend its Insured

In a recent federal court decision out of Colorado, Travelers failed to convince the Court that it had no duty to defend its insured based on its IP exclusion (barring coverage for patent infringement claims).  Travelers’ subsidiary, Charter Oak, attempted to dodge coverage for its insured, Minute Key, Inc., under a liability policy.  Minute Key was sued by a competitor, Hillman Group, who claimed that Minute Key falsely accused Hillman of patent infringement, and in doing so sought to steal business from it.  There was no patent infringement claim against the insured!

The Charter Oak/Travelers policy provided “Personal and advertising injury” coverage.  Advertising injury was defined as “…injury, other than “personal injury,” caused by one or more of the following offenses: (1) oral or written publication … in your “advertisement” that “disparages a person’s or organization’s goods, products or services… .”  Likewise “Personal injury” was defined as “… Oral or written publication … that … disparages a person’s or organization’s goods, products or services… .”

The IP Exclusion states that the “insurance does not apply “Personal injury or advertising injury arising out of …Patent…[infringement]”.

The underlying lawsuit began as a declaratory judgment action where Hillman sought a declaration of non-infringement and invalidity under the Patent Act against Minute Key.  Then its suit was amended to add a claim of damages for product disparagement under the Lanham Act and state law.

So the coverage issue raised by Travelers was whether Hillman’s disparagement action’s genesis, in patent infringement allegations made by Minute Key against Hillman, brings the action into the exclusion.  Ordinarily, insurers (whose policies exclude coverage for patent infringement claims) deny coverage for patent infringement claims made against their insureds!

Thus, Travelers’ counsel took a creative leap on this one!  Even in Colorado, which applies the “four corners rule” determining duty to defend just on the allegations in the Complaint as against the Policy, it is evident Travelers had to defend.  This is because the duty to defend arises when the underlying complaint alleges any facts that might fall within coverage.  The district court readily decided in favor of the policyholder because while Travelers broad reading of its exclusion was “colorable,” it was not conclusive.  The coverage grant expressly included the obligation to defend the underlying claims of product disparagement—and coverage grants are to be applied broadly—Colorado law is to construe the duty to defend “liberally with a view toward affording the greatest possible protection to the insured.” (Thompson v. Maryland Cas. Co., 84 P. 3d 496, 502 (Col. 2004)).

The Court found the IP Exclusion ambiguous in the context of the facts of the case (which seems generous), but that ambiguity finding meant the Court was required to rule against Travelers.  Travelers’ effort to argue for a broad interpretation of its exclusion also runs counter to California law, which requires exclusions to be interpreted narrowly as they seek to limit coverage grants which are, in contrast, to be interpreted broadly.  This does not stop aggressive insurer counsel from continuing to flaunt the rules of interpretation—arguing the very opposite of what the rules of construction allow.

Two Court Rulings Show Coverage Difficulties for “Fake President” Fraud

A few weeks back, the Insurance Recovery report posted a blog about the difficulty obtaining insurance coverage for “fake president” fraud, which is also known as business e-mail compromise, or social engineering fraud.   Two courts have recently reached opposite holdings on this exact topic, which highlight the difficulty policyholders face when they have been victimized by Fake President Fraud.

The policyholder-favorable of those rulings came out of a New York District Court, where the judge found in favor of coverage for this type of fraud under a crime policy issued by Federal Insurance Company.  Medidata Solutions, Inc. v. Federal Ins. Co., Case No. 15-CV-907 (S.D.N.Y. July 21, 2017). Docket No. 32.  The case was typical of fake president fraud.  In 2014, a fraudster imitating the president of Medidata Solutions, Inc. directed an employee in the accounts payable department to wire money overseas for a company acquisition.  The e-mail included the president’s e-mail address and picture, and copied a fake attorney.  The employee performed some degree of due diligence, corresponding with the fake attorney by e-mail and phone before wiring the money.  However, that employee ultimately wired $4.8 million dollars to a fraudulent account.  Fortunately, the company discovered the fraud before a request to wire another $4.8 million was completed.  Medidata sought coverage under its Federal Insurance Company crime policy, but Federal denied the claim.  Medidata filed suit in February 2015.

The scope of coverage under the policy turned on a computer fraud provision in the crime policy that covered losses that occurred as a result of the “fraudulent entry” or changing of data in the policyholder’s computer system.”  The question then arose: was this a fraudulent entry?  Some courts had previously determined that fake president fraud does not result in a fraudulent entry or act because the company employee voluntarily makes those changes (although at the direction of a fraudulent actor).  Here, though, Judge Andrew Carter Jr. disagreed, holding that the entry was indeed fraudulent because the fraudster used a computer code to alter a series of email messages to make them appear as if they originated from the company’s president.   In that regard, Judge Carter followed the decision in Universal American Corp. v. National Union Fire Ins. Co. of Pittsburgh, Pa., which found such entries to be fraudulent because they violated the integrity of the computer system.  To Judge Carter, it seemed implausible that one would ever find coverage under the narrow view other courts have taken because it would require the fraudster to break into the computer system and wire the money.

But then yesterday, a Michigan District Court reached the exact opposite ruling in American Tooling Center Inc. v. Travelers Casualty and Surety Co., Case No. 5:16-cv-12108, 2017 U.S. Dist. LEXIS 120473 (E.D. Mich. Aug. 1, 2017).  There, the fraudster sent e-mails posing as a vendor of the Michigan-based company, asking to forward payments due under a contract between the parties.  The company sent the money, only to discover the money was lost forever.  American Tooling Center sought coverage under its Travelers’ crime policy because it constituted computer fraud, but Travelers denied the claim, arguing that there was not a “direct loss” that was “directly caused by” the use of a computer.

The relevant policy definition defined computer fraud as the use of “any computer” to “fraudulently cause” a “direct loss” by money transfer.  American Tooling and Travelers obviously disagreed about those terms, but the Judge found in favor of Travelers because the term “direct loss” was synonymous with the term immediate, and there were steps in between the fraudulent e-mails and the wiring of money.  In short, the Michigan court would require the exact thing – a fraudster hacking into the computer and sending the money directly – that the New York court found implausible.

What are the major takeaways from these rulings?  First, it is always critical to carefully review the language in insurance policies.  The American Tooling Center court distinguished the ruling in Medidata by contrasting the policy language because the Medidata policy did not include the term “direct loss” in its definition of fraud.  To many people, that would be a minor distinction.  But to the Michigan court it meant the difference between there being coverage or not.  We believe that the Medidata court had the proper holding, that the Michigan court should have followed suit, and that Judge Carter’s belief that a computer fraud coverage requirement that a fraudster perform a transfer for there to be coverage is too draconian. And because rulings on this subject have come down all over the place, policyholders that frequently conduct transfers via computer should consider contacting insurance professionals, be it an attorney to interpret the policy, or a broker to determine whether there might be a policy endorsement available specifically aimed at this type of event.

Renewal Notices Must Warn of Major Changes in Coverage

California Insurance Code §678 provides as to personal lines policies (such as homeowners, auto or personal liability): “(a) At least 45 days prior to policy expiration, an insurer shall deliver to the named insured…(1) an offer of renewal of the policy contingent upon payment of premium…stating…(A) Any reduction of limits or elimination of coverage…”

Insurance Code §675.5 makes the same law applicable to commercial policies issued for delivery to California insureds. Insurance Code §676.2(c)(1) provides as to policies of commercial insurance that upon renewal no reductions or changes in the conditions of coverage shall be effective unless a written notice is mailed at least 30 days before the effective date of the change, and such changes can only be made where there are specific reasons for the change (such as willful or grossly negligent acts by the insured or failure to institute loss control measures, or change in use materially adding to the risk).  These Insurance Code provisions protect insureds from surprise exclusions which materially reduce the coverage being renewed.

It is very common to find California Changes Endorsements on policies issued in California to reflect these legal requirements.  They are usually entitled:  “California Changes—Cancellation and Nonrenewal” followed by a promise to adhere to these time limits of Notice and other provisions of the Insurance Code regarding renewal or cancellation of the policy.

What if at renewal time, the insurer simply sends a general “Notice of Policy Conditional Renewal” which is a boiler plate Notice reserving the right to make any kind of change in terms, premium or deductibles?  Is that sufficient Notice to allow major reductions in coverage to be enforceable?  We think not.

The case law makes these contractual obligations to notify explicit.  The California Supreme Court has held that “no change may be made in the terms of the renewal policy without notice to the insured.”  (Industrial Indemnity Co. v. Industrial Accident Commission of California (1949) 34 Cal. 2d 500, 506.)  California law requires that when an insurance company changes, reduces, or limits the coverage or benefits of a policy upon renewal, the notice of such change must “be provided in a ‘plain, clear and conspicuous writing.’” (Everett v. State Farm General Ins. Co. (2008) 162 Cal. App. 4th 649, 663.)  To be conspicuous, the notice must be “displayed or presented” in a way that it would be “noticed” by a reasonable person.  (Broberg v. Guardian Life Ins. Co. of Am. (2009) 171 Cal. App. 4th 912, 922-23.)  Examples of conspicuous notice “includes . . . a heading in capitals . . . larger type than the surrounding text, or in contrasting type, font, or color to the surrounding text of the same size . . ..”  (Id. at 923.)  Moreover, the notice of reduction in coverage must be “specific.”  (Davis v. United Services Auto Ass’n (1990) 223 Cal. App. 3d 1322, 1332.)  Thus, “a general admonition to read the policy for changes is insufficient.”  (Id.)  The failure to provide “adequate notice” renders the attempted reduction or limitation in coverage “ineffective.”  (Id. at 1333.)

A major reduction in coverage in the Renewal terms should be disclosed to the insured so that the insured has an opportunity to make an informed decision to renew with the same insurer or seek coverage elsewhere.  Certainly an insured must have a reasonable notice of the renewal terms, if the insurer plans a major reduction in coverage.  The failure of the insurer and/or the broker to disclose major reductions in coverage in the renewal terms, has serious consequences including making that surprise and deadly exclusion unenforceable. So buyer beware and be forewarned!  If you find your renewal policy has surprise holes in the coverage, you might consult coverage counsel as the insurance law may afford some remedies.

The Remedy for the New Cyber Threat Posing Major Coverage Problems: “Fake President” E-mails

In the last few weeks, we have seen yet another widespread ransomware attack that hit nearly one hundred companies around the world.  It reminded me of a recent request from a client, made just after news broke of the WannaCry ransomware attacks, to review its insurance portfolio to confirm that it was covered for ransomware attack.   The client had that coverage, but I noticed that there was a gaping hole in the policy for another type of common attack that goes by a variety of names – business e-mail compromise, social engineering fraud, and fake president fraud.  What is critical for companies to understand, and few do, is that they must purchase a specific endorsement to obtain this kind of coverage.

These types of attacks are as much identity fraud as they are a cyberattack.  In these kinds of cases, an impostor will pose as a high ranking executive at a company, and command a lower level employee via email to wire money to a client or vendor account.  The employee, so diligently trained to follow orders, will then complete the transaction, unwittingly transferring company funds into a fake account.  After all, what employee would question the company’s CEO, CFO, President, or other superior?

This crime poses significant challenges from a coverage perspective.  The act does not fit cleanly within the typical first party coverages included in cyber policies – it isn’t a data breach, in which information is stolen or compromised and needs to be repaired, and it isn’t a ransomware attack, in which a company has its business shut down.  These types of attacks also aren’t covered by modern crime policies because the action taken – the wiring of money by an employee – is voluntary.  There is no extortion, and no money is stolen.

Courts recently confronted with these situations have routinely denied coverage.  One example can be seen in Aqua Star (USA) Corp. v. Travelers Cas. & Sur. Co. of Am., No. C14-1368RSL, 2016 U.S. Dist. LEXIS 88985 (W.D. Wash. July 8, 2016).  There, a hacker impersonating a vendor of the policyholder directed an employee to change the bank account for future payments to that vendor.  The employee dutifully did so, and the policyholder lost over $700,000 when money was wired to the fraudster’s account.  The crime policy covered computer fraud, but contained an exclusion for “loss resulting directly or indirectly from the input of Electronic Data by a natural person having the authority to enter the Insured’s Computer System.”  Travelers denied coverage because the employee had authorization to input the new bank information to the account, and the District Court agreed, finding that the loss – the transfer of money to the new account – indirectly resulted from the inputting of the new bank information.

In Taylor & Lieberman v. Fed. Ins. Co., 2017 U.S. App. LEXIS 4205 (9th Cir. Mar. 9, 2017), the Ninth Circuit was faced with a similar situation.  There, an accounting firm handled payments and transfers for its clients.  An impostor took control of a client’s e-mail account and sent multiple wire payment instructions to the accounting firm.  The employee wired the money, and did not discover the fraud until the third request to wire money.  The accounting firm sought coverage under its crime policy, which provided coverage for “direct loss sustained by an Insured.”  The Court denied coverage because it determined the accounting firm was seeking recovery for third party losses – those of its clients – and not its own.  That the company might have to indemnify that client for the fraudulent payments was immaterial.

Fortunately, not all cases end with an insurer victory.  But the uncertainty of these results begs the question: how do you insure for these attacks?  The answer is a policy endorsement targeted at these types of attacks.  It is usually added to a company’s crime policy, and will include language such as “the Company will reimburse the Insured for Loss sustained by the Insured Person as a direct or indirect result of Business E-mail Compromise.”  The Policy will then define Business E-mail Compromise, and within that definition it should include reference to coverage for voluntary actions of the insured (who is wiring money under false pretenses).  The policy limits for these endorsements tend to be lower than the policy it is attached to, but any coverage an insured can obtain for this kind of fraud is better than none.

There are a few important takeaways on this issue.  First, check your insurance policies for language that may suggest coverage in this area, and read the language closely.  You will want to make sure your company is covered when money is sent by employees as a result of fraud.  If you do not see such language, ask your broker to get you options to add this endorsement to one of your policies.  Second, confirm that the policy endorsement you obtain is broad enough to subsume the acts you are seeking to cover.  The worst case scenario would be purchasing an endorsement that fails to cover the fraudulent actions for which you are hoping to obtain insurance.  Finally, train your employees for these types of situations.  A simple 30 minute training on how to identify tells that reveal these schemes may help your company avoid hundreds of thousands of dollars in losses by avoiding this situation altogether.

Ninth Circuit Reaffirms Policyholder Right to Sue Recalcitrant Excess Insurer

A new opinion published on March 21, 2017 from the Ninth Circuit (Teleflex Medical Inc. v National Union, Case no 14-56366 ) affirmed a $6+ M judgment against AIG subsidiary National Union, who was excess a primary policy issued by CNA.  This is an excellent result for policyholders, and a warning to recalcitrant excess insurers.

The Insured purchased two insurance policies that covered disparagement claims – a primary policy issued by CNA, and an excess policy issued by National Union.  The Insured was defended by CNA in an underlying lawsuit, and the Insured and primary insurer kept National Union informed throughout the litigation.  The underlying lawsuit finally developed to the point settlement was advisable, and the claimant, Insured, and CNA all agreed to a settlement that would require about $3.75 million from the $14 million National Union excess policy.

National Union not only refused to consent to the settlement – which, of course, the Insured, claimant and CNA all agreed to make—but also refused to undertake the defense of the Insured.  The court found the Insured was entitled to sue National Union for breach of contract and bad faith and was entitled to the rebuttable presumption that the settlement was reasonable because National Union failed to undertake the defense when it refused to consent to the settlement.  Under the decision in Diamond Heights HOA v National Am. Ins. Co. 227 Cal. App. 3d. (1991), the Court held an excess insurer only has three choices in that context: 1) approve the settlement; 2) reject it and take over the defense, or 3) reject it and decline to defend, but face a potential lawsuit by the insured seeking contribution and bad faith damages. The Diamond Heights court also found an excess insurer who rejects a settlement and refuses to defend thereby waives of the “no action” (and “voluntary payments”) clauses in their contracts.

Since National Union refused to undertake the defense—i.e., breached the contract and violated the Insured’s rights under the implied covenant of good faith and fair dealing—it was vulnerable to this later suit brought by the Insureds.  That case went to trial and the jury found the settlement reasonable and National Union liable for breach of contract and bad faith—the ultimate judgment exceeded $6 million.  The Ninth Circuit decision, which affirmed the trial court, contains an excellent discussion of the public policy behind the Diamond Heights decision, and later decisions applying it post-WallerWaller v. Truck Ins. Exchange, 11 Cal 4th 1 (1995) held that an insurance company does not waive coverage defenses it fails to mention in its correspondence with the insured—and in its decision did not address the Diamond Heights decision.

National Union argued the Waller Supreme Court decision – which held that an insurer does not waive coverage defenses if not in their coverage letters – somehow overruled Diamond Heights.  This argument was soundly rejected by the trial court and Ninth Circuit.  Among the arguments National Union made were that the Insured should have had to prove waiver of the “no action” and “voluntary payments” clauses by clear and convincing evidence –not by a preponderance of the evidence!  This argument was also soundly rejected by the Ninth Circuit.  Of course, as all insurers will do, National Union also argued for a “genuine dispute” instruction—which the Ninth Circuit also rejected for good reason –not only because it really does not apply in the context of a liability policy, but also because it is subsumed in the standard CACI instruction.  The jury had to determine the settlement was reasonable as part of that instruction.  The opinion makes for good reading because it lays out the extreme arguments National Union made before a jury (who fortunately did not buy any of them).  The opinion also affirms the insured’s recovery of Brandt fees, and that the trial court reasonably apportioned only 10% of the fees to the bad faith claims thus allowing a 90% recovery!

California Supreme Court Endorses the Insurance Commissioner’s Authority to Regulate Wayward Insurers

On Monday, the California Supreme Court revived a 2011 insurance regulation designed to protect homeowners from underinsurance because of the insurance company’s use of potentially misleading estimates for home replacement costs.  This was a big win for consumers, and will be particularly important for those who lose their homes in natural disasters (in particular fire) where there are few coverage disputes other than the cost to repair or replace.

As background, the Insurance Commissioner enacted the insurance regulation, which laid out detailed guidelines to ensure adequate replacement cost coverage in homeowners policies, with the intent of eliminating the practice by insurers of providing homeowners policies with insufficient limits based in inadequately estimated costs of repair.  The effect of the insurers practice was to leave homeowners only partially insured and holding the bag if they wanted to rebuild their homes after an insured loss.  This issue was becoming increasingly problematic because of the prolonged droughts suffered in many California communities, and the increasing prevalence of major wildfires.  But with the passage of this rule, the Insurance Commissioner hoped to give homeowners some piece of mind by requiring insurers to  properly calculate rebuilding estimates.  If the insurers violate the regulation, and an insured suffers a loss (because their policy had insufficient limits to actually cover the repair or replacement costs) the remedies include both an enforcement action and also a potential private lawsuit based on this now more precisely defined unfair business practice.

The insurance industry objected that the regulation fell outside of the Commissioner’s delegated authority, and also argued that the regulation restricted their underwriting and violated their rights of free speech.  The trial court and appellate court threw out the new regulation on the first ground, that the Insurance Commissioner exceeded his authority in promulgating this new regulation.  However, the California Supreme Court reversed, finding that the Commissioner was well within his authority, and sent the case back to for the lower courts to address the other two grounds.  The Court rejected gave deference to the Commissioner after a careful review of all the reasons agencies have such authority.  In particular, the Supreme Court focused on the public policy behind the enabling statute at issue, Insurance Code 790.03 (b), which bars Unfair Practices in the form of false or misleading statements issued by insurers, and delegates to the Commissioner the authority to issue regulations to enforce the statute.

From a practical perspective, this is a fantastic outcome for consumers.  The Supreme Court emphatically endorsed the authority of the California Insurance Commissioner to issue regulations to enforce the Unfair Practices in the business of insurance law.

Losing a home is bad enough, but having to haggle with an intransigent insurance company who issued a homeowners policy with insufficient limits for the replacement costs in the aftermath is even worse.  It will be interesting to see if the insurance industry will now provide more accurate, but more expensive limits for replacement cost coverage in homeowners policies.

Beazley Report Details Increase in Ransomware Attacks

A report issued last week by Beazley, one of the prominent insurance companies in the cyber field, revealed what industry experts predicted earlier in the year – ransomware is an increasingly prevalent menace.  That report is a reminder to everyone that there is no time like the present to review backup and incident response plans, and to take a close look at your insurance policies.

Beazley has been a prominent cyber insurance player since the inception of that specialized coverage. As an early presence in this area, Beazley started its data breach response unit in 2009.  During that time, it has been tracking its incident response figures based on claims from its policyholders.  And the early reports from 2016 reveal ransomware to be a growing threat.  While the percentage of ransomware attacks as part of the broader data breach universe stayed proportional to the figures seen in 2015, there was a huge uptick in the total number of ransomware incidents.  As Beazley noted, cyber thieves have apparently determined that it is easier to get payment in bitcoins via ransomware than selling information on the dark web.

But all is not lost in this grim report.  There are easy lessons to take away that can help prevent or minimize the risk or damage from a potential ransomware attack.

  • First, ensure you have robust backup practices. A thief stealing your company’s data is a bad outcome.  But Ransomware can cripple a company.  Backup processes are no sure solution, but the absence of a solid backup plan will certainly result in catastrophic results because the ransomware will leave you at the mercy of the attackers.
  • Second, prepare or update your incident response plan. Whatever that plan may be, you do not want an actual data breach attack to be the first time you have practiced your plan.
  • Third, educate your employees. Over 80% of data attacks resulted from human error – when your employee opens the wrong attachment, it is utterly meaningless if you have the Fort Knox of cyber defenses.
  • Finally, review your insurance portfolio. Ransomware is somewhat unique in its mode of attack, and the “damage” that it does to your system. Does it actually do damage your data?  Your computers?  Insurers will certainly argue to the contrary.  An important takeaway is that you should understand where your potential cyber coverage might lie, and determine if you need additional coverage.  Cyber insurance may or may not be cost effective for your company, but you need to understand your insurance portfolio to better evaluate your risk profile.

Long Term Disability Payments: Standard for Abuse of Discretion

Insurance for long term disability – payments to an insured who is prevented from earning his or her income due to long term disability – is a fruitful field for litigation for many reasons.  Though the insurance may be arranged and paid for by or through the employer, the plan is often both administered and financially managed by an insurer, so that there is an element of self-dealing in the insurer’s decisions in the eyes of the courts.  (Why this is a particular concern in LTD disability cases is unclear, since in virtually all other situations the insurer is both the administrator which decides whether to honor a claim and the party whose bottom line is diminished through claims expenses such as payment of benefits or damages.  Perhaps it is because the insured in these matters is, of course, disabled and thus perceived as more vulnerable to insurance company abuse.  The fact that the disability insurers are second guessing treating physicians on medical issues may also be a factor.)

LTD claims often fall under ERISA, the Employment Retirement Income Security Act of 1974, and are thus within the jurisdiction of the federal courts, which have developed their own jurisprudence for the disposition of ERISA claims.  Most importantly, the federal courts have developed an “abuse of discretion” standard for review of benefit denials where the retirement plan’s administrator/payor has discretionary authority to determine eligibility.  Such determinations are reviewed for abuse of discretion rather than under the more common standard of review which determines whether a decision is supported by sufficient evidence. It is not unusual for the courts to reverse denial of LTD benefits in ERISA cases for abuse of discretion:  in effect, the courts will not allow the plan administrators to save the costs of the disability insurance payouts where their obvious interest in making the plan profitable appears to deny legitimate benefits.  A recent case illustrates the courts’ affirmative, but still too limited role in this context.

Daniel Demer was an auditor at IBM, whose LTD benefit plan was administered by Metropolitan Life Insurance Co. (“MetLife”).  He stopped working because of disability and received short term disability payments but was eventually denied long term disability benefits.  Demer submitted statements and medical records from several treating physicians, but MetLife denied the claim for long term benefits, relying largely on the opinion of an independent physician consultant who had conducted “only a paper review” of Demer’s file and had not examined the patient.  Demer appealed within the MetLife organization, providing further supporting information from his treating pain medicine specialist among other things.  But MetLife denied the appeal, now relying on the opinions of two other physicians of its choice who had seen only the paper file and had not examined the patient.  Demer then brought suit.

The District Court ruled against Demer, rejecting his argument that because of a conflict within MetLife the review for abuse of discretion “must be tempered with skepticism,” and finding that because the treating and reviewing physicians disagreed, MetLife reasonably relied on its reviewing physicians’ opinions although those opinions were derived only from an office review of the treating physicians’ charts.  The Ninth Circuit reversed on August 26, 2016.

In an opinion by District Judge Edward Chen, the court  held that there was a structural conflict of interest on MetLife’s part, both because of the previously announced rule that being both the decider and the funder of the benefit creates a structural conflict (Abatie v. Alta Health & Life Ins. Co. (9th Cir. 2006) 458 F. 3d 955, 963) and because at least two of the independent physician consultants used by it to evaluate the Demer file had been, in effect, in-house reviewers for the company because they had “performed a significant number of reviews for MetLife and have received significant compensation for their services.”

The court developed the evidence of the outside independent medical evaluators’ “financial conflicts” in some detail, showing that these physicians earned substantial sums each year from acting as independent medical evaluators for MetLife, though it noted that neither the claimant nor MetLife developed the evidence to show – either that their evaluations favored denial of benefits, or the opposite: the court based its finding of structural prejudice entirely on the volume and financial value of the physicians’ work.  And it did so while briefly acknowledging the District Court’s position that MetLife, following prior case law, had taken affirmative steps to separate the claims evaluation process from financial parts of the firm.  The court belittled the reviewing physicians’ conclusions that Demer was not limited physically or mentally from  employment and that his (and by implication his treating physicians’) conclusions to the contrary were not credible.

The reviewing physicians, the opinion found, had stated no convincing reasons for their conclusions that Demer was not disabled.  Curiously, on this record with its noted inadequacies the court did not reverse with directions to award the benefits to the plaintiff, but ordered a further hearing “because the record does not clearly establish that MetLife should necessarily have awarded Mr. Demer benefits.”  Apparently, only an “arbitrary and capricious” denial of benefits warrants a straight reversal.  Here the court found that the insured had produced credible evidence through the treating physicians’ charts and opinions  in support of his demand for benefits, and the conclusions of the plan manager’s review were judicially rejected as the result of inherent conflicts of interest and of judicial “skepticism” about the integrity of the review process.  In such a case, why should the disabled claimant be denied relief, and why should the plan manager be entitled to try to deny the claim once again, with a new, de novo review?

Judge Bybee concurred in the result but dissented from what he called “the majority’s new concept of skepticism.”    In his view, a plan administrator can “cleanse” its conflict of interest by erecting ethical walls between payor staff and evaluators and by using outside physicians as evaluators.  He also had “great reservations about the use of ‘skepticism’ as a standard of review,” but “because that section [of the opinion about a skeptical approach] is not otherwise necessary to the majority’s opinion,” he concurred in the judgment.  I understand him to mean that he agrees to have the case further evaluated by MetLife.  I saw no other grounds for that disposition in the decision, beyond the majority’s skepticism.

In my opinion, this decision takes a big step toward fairness in disability evaluations by ruling that a read-only, don’t-examine-the-patient evaluation of a disability claimant’s application must be viewed with skepticism — where the reviewing physician is engaged to make judgments about the patient’s disability strictly from reading the file, and no effort is made to allow the claimant to rebut or reconcile such readings with the findings of his or her treating physicians.  The treating physicians must have found the patient disabled, or the file would not have got that far.  Insurers view claims with a skepticism of their own, and chances are strong that they would condition their often-used reviewers to that perspective.  The law needs to go further:  it must give the applicant an opportunity to rebut the findings of any non-observing paper-only evaluator, or it must require that any “independent reviewers” used by the plan administrator to question the treating physicians’ findings must actually examine the patient, and must base their disagreement on observed facts.

Only then will the new-found “skepticism” of the courts toward these inside-job denials have any real meaning.

Cyber Insurance Becoming Increasingly Important to Transportation Industries

Nossaman Infrastructure Partner, Donna Brady, just published a blog about the need for cyber insurance for those in the transportation industry in light of the increasing use of intelligent transportation systems.  A department of transportation might not be the first thing that pops into your head when you think of data breaches, but anyone connected to the Internet is a potential target.  A transportation agency will have consumer payment information, GPS vehicle tracking information, and could be a target for ransomware because of the great need to maintain operations and to comply with privacy laws.  For these reasons, transportation agencies are attractive targets to cyber criminals.  It is a good reminder that the evolving use of intelligent systems and the Internet of Things requires an evaluation of your insurance portfolio, whether you are in the transportation industry or not.

LexBlog