LinkedIn Facebook Twitter Email

Healthcare and ridesharing: 4 risks to manage

Healthcare and ridesharing: 4 risks to manage

With rideshare companies like Uber and Lyft launching programs targeted to non-emergency medical trips, the patient transportation sector is changing fast. What does this mean for healthcare risk managers? Follow this checklist for a look at four key risks, along with action steps to help manage them effectively.

  1. TNCs aren’t the right choice for every patient.
    Don’t confuse transportation network companies (TNCs) with medical chaperones. There are some scenarios where ride-hailing may not be appropriate, including those where patients have received anesthesia; where patients have mobility issues or need wheelchairs; and where patients require assistance entering or exiting from the vehicle.
    • Set a policy stating safe and suitable use of a TNC vs. traditional transportation options.
    • Check professional liability insurance policies for explicit coverage for loading/unloading exposure.
  1. Driver skill and behavior is an uncontrolled risk.
    While TNCs are required to thoroughly vet their drivers, healthcare organizations that entrust them with patient rides could, in certain cases, be held liable for a driver’s conduct while transporting the patient.
    • Confirm that the TNC frequently conducts driver background checks.
    • Ensure the TNC has adequate auto liability limits and transfer risk via formal contract.
  1. Integrated platforms open vulnerability to hackers.
    Healthcare-dedicated TNC dashboard platforms (such as Uber Health) integrate with providers’ electronic health records, pulling patient information to identify transportation needs. This link may create an access point for hackers, which could lead to personal information breaches, HIPAA violations, and negligence claims. Indeed, hacking accounts for more than half of all healthcare data breaches and 96 percent of all records exposed or disclosed.
    • Verify security and privacy protections and the amount of cyber insurance coverage carried by the TNC.
    • Review your organization’s cyber policy for first- and third-party coverage.
  1. Compliance with privacy rules become more complicated.
    To comply with HIPAA, TNCs withhold information from drivers on whether a ride is for a patient call or a regular user. Healthcare employees, however, may improperly disclose protected medical information as they escort patients to waiting rides.
    • Establish a HIPAA business associate agreement with the TNC.
    • Train employees to not divulge details of patients’ visits to TNC drivers.

Technology has brought rapid change to all industries, and the patient transportation sector is no different. To learn more about the industry disruption via healthcare rideshare services, check out our related article here.

This website is general in nature, and is provided as a courtesy to you. Information is accurate to the best of Liberty Mutual’s knowledge, but companies and individuals should not rely on it to prevent and mitigate all risks as an explanation of coverage or benefits under an insurance policy. Consult your professional advisor regarding your particular facts and circumstance. By citing external authorities or linking to other websites, Liberty Mutual is not endorsing them.