Accretive agrees to $2.5M fine; company to withdraw from Minn.

Minnesota Attorney General Lori Swanson
Minnesota Attorney General Lori Swanson speaks July 30, 2012, about the state's lawsuit against Accretive Health. The Chicago-based company has agreed to pay a $2.5 million fine and withdraw from leave the state to settle a federal lawsuit.
MPR Photo/Elizabeth Stawicki

Fairview Health Service's former bill collector, Accretive Health, has agreed to pay a $2.5 million fine and leave the state as part of a settlement of a federal lawsuit brought by Minnesota Attorney General Lori Swanson.

A federal judge approved the settlement late Monday. The case against Chicago-based Accretive attracted national attention with allegations of repeated privacy breaches and abusive collection tactics, such as approaching patients in emergency room for payment.

The settlement requires Accretive to do several things:

• Create a patient restitution fund of nearly $2.5 million, with any funds remaining going to the state treasury.

Create a More Connected Minnesota

MPR News is your trusted resource for the news you need. With your support, MPR News brings accessible, courageous journalism and authentic conversation to everyone - free of paywalls and barriers. Your gift makes a difference.

• Hand over all data about Minnesota patients to the Twin Cities that contracted with Accretive.

• Wind down operations in Minnesota by November and stay away for six years unless the attorney general approves.

Swanson, who filed the lawsuit in January, said justice was served.

"A hospital emergency room is a high-stress place of trauma, of suffering," Swanson said. "It should be a solemn place, not a place to shakedown patients for money. It's good to close the door for Minnesota on this really disturbing chapter in our health care history."

Even though Accretive signed-on to the settlement, the company fired back in what has been a feisty war of words.

"The attorney general rebuffed us and bushwhacked us; told us she would meet with us," said Joe Anthony, attorney for Accretive.

"We turned over 100,000 documents to her in the spirit of cooperation. And then, what she did was she made them publicly available and that's just not the kind of straightforward behavior that Minnesotans expect from their attorney general," Anthony said. "And that's what happened to us. In this environment, who wants to do business here?"

Accretive has maintained that Swanson's actions cost more than 100 Minnesota jobs. But Swanson responded, calling that "an absurd comment" and said that Accretive tells investors it makes money by outsourcing jobs to India.

Swanson alleged Accretive was lax about securing sensitive patient information. She said a laptop containing more than 23,000 Fairview and North Memorial patient information was stolen from an Accretive employee's rental car.

The settlement comes at a time when Congress and the Obama administration have beefed up medical privacy laws and enforcement of those provisions.

In 2009, Congress gave state attorneys general such as Swanson the power to sue over violations of federal privacy protections. Health and Human Services has even been training them.

Accretive ran afoul of another provision. Lawmakers expanded responsibility for medical privacy from hospitals and health plans to their subcontractors like Accretive. That's a huge change, University of Minnesota law professor William McGeveran said.

"It makes those kinds of subcontractors directly responsible to follow the rules themselves," McGeveran said. "Now they're needing to answer not just to their clients, like the hospitals that hire them, but to the government about privacy and security arrangements."

Swanson alleged that Accretive and North Memorial Hospital shared patient data for six months without a legally required agreement on securing data and then created a back-dated one to cover the omission.

The Obama administration has also stepped up enforcement of medical privacy laws according to Washington, D.C. attorney Arianne Callender.

Callender was a senior lawyer in the office of inspector general to the U.S. Health and Human Services department. She said about a year ago, the agency's internal watchdog issued a highly critical report of the department's lax enforcement of patient privacy laws.

"They're under a microscope right now... So I think that's why we're seeing more privacy breach settlements and cases coming down the pike," Callender said.

Last month, the state of Alaska agreed to a $1.7 million fine and establish a three-year corrective action plan when a USB hard drive containing "potentially containing electronic protected health information" was stolen out of an employee's car.

In that case, the office of civil rights found Alaska lacked adequate policies and procedures to safeguard patient information. But Alaska's Health and Human Services Commissioner disputed those findings and said the state admitted no liability but the settlement and cap was a way to "avoid costly and protracted litigation."

Recently, three other medical centers or insurers have paid fines approaching or exceeding $1 million, as well.

Swanson's settlement with Accretive produced the biggest fine among those five cases.

Efthimios Parasidis, a health law professor at St. Louis University said the federal privacy regulations are far from detailed and many are waiting for official guidance from health and human services. But he says Minnesota's case against Accretive was not premature.

"We've learned from other areas of government regulation and other agencies, guidance can take decades to come down," Parasidis said. "And if we wait for guidance. we're going to be living in a world where patients aren't having the protection that the law actually provide them."

Swanson did not require Accretive to change its business practices outside of Minnesota but she said her office did refer hospital employees and witnesses to other state regulators.

Matt Sepic contributed to this report.