CME: Disaster preparedness for physician practices

This article reviews the requirements for emergency contingency plans, including how and what to communicate during a disaster and guidelines for plan testing and employee training. An up-to-date, comprehensive action plan for when disasters strike could be the difference between an orderly return to seeing patients and weeks of downtime and frustration for your practice. Disaster preparedness plans can also enhance patient safety during emergencies and contribute to a coordinated community response to disasters. This is a 1-hour activity.

Objectives

Upon completion of this educational activity, the participant should be able to:

  • summarize the necessary components of a HIPAA-compliant emergency contingency plan;
  • describe practical methods for recovering medical records damaged or lost due to a disaster; 
  • define liability protections for physicians who offer volunteer or charity services during an emergency or disaster; and 
  • list federal and association resources for emergency and disaster response.

Course author

Laura Hale Brockway, ELS, is the Vice President, Marketing at Texas Medical Liability Trust.

Disclosure

The author of this activity has no relevant financial relationship(s) with ineligible companies to disclose. TMLT staff, planners, and reviewers have no relevant financial relationship(s) with ineligible companies to disclose.

Target audience

This 1-hour activity is intended for physicians of all specialties who are interested in learning practical ways to reduce the potential for malpractice liability.

CME credit statement

Texas Medical Liability Trust is accredited by the Accreditation Council for Continuing Medical Education (ACCME) to provide continuing medical education for physicians. 

Texas Medical Liability Trust designates this enduring material for a maximum of 1 AMA PRA Category 1 Credits™. Physicians should claim only the credit commensurate with the extent of their participation in the activity.

Ethics credit statement

This course has been designated by TMLT for 1 credit in medical ethics and/or professional responsibility.

Test

To receive CME credit, physicians should complete the test questions that follow the activity. A passing score of 70% or better earns the physician 1 CME credit.

Pricing

The following fee will be charged when accessing this CME course online at http://tmlt.inreachce.com. 

Policyholders: $10

Non-policyholders: $75

Instructions

CME test and evaluation forms must be completed online. After reading the article, go to http://tmlt.inreachce.com. Log in using your myPortal account information to take the course. Follow the online instructions to complete the forms and download your certificate. To create a myPortal account, go to www.tmlt.org, click the log in button, and follow the on-screen instructions.

Release/review date

This activity is released on August 1, 2024, and will expire on August 1, 2027. 

Please note that this CME activity does not meet TMLT’s discount criteria. Physicians completing this CME activity will not receive a premium discount.

Editor’s note: This article was planned for publication in the months before the Hurricane Beryl disaster struck Houston. TMLT is dedicated to the support of our physician policyholders across Texas, and we stand ready to help the Houston physician community during this difficult time. 

Introduction

On July 8, 2024, Hurricane Beryl hit Houston. In a matter of hours, it left a trail of devastation that included flooded streets, severely damaged homes and property, and downed power transmitters that left millions of people without power.

Hurricane Beryl is the latest example of the kind of far-reaching disaster that can affect a community for weeks. This type of disaster — along with cyberattacks, EHR issues, pandemics, winter storms, and supply chain shortages — can be a major disruption to a physician’s practice and a threat to patient safety.

In addition to the important, practical role physicians play during a disaster, much of the physician community’s ability to respond when disaster strikes is due to the high levels of organization, dedication, and preparation demonstrated by physicians and their staff in their day-to-day work lives. 

That preparation includes establishing well-designed contingency plans for when disruption or disaster strikes. An up-to-date, comprehensive action plan could be the difference between an orderly return to seeing patients and weeks of downtime and frustration for your practice. Disaster preparedness plans can also enhance patient safety during emergencies and contribute to a coordinated community response to disasters.

For these reasons, HIPAA enforces a federal security rule that requires physician practices to have contingency plans in place that outline the steps an organization would take in an emergency. 1 A contingency plan is critical to protecting practice resources and data, minimizing disruption to patient care, and restoring normal practice operations.

“Contingency plans should cover all types of emergencies, such as natural disasters, fires, vandalism, system failures, cyberattacks, and ransomware incidents. The steps that must be taken for each scenario could well be different, especially in the case of cyberattacks vs. natural disasters. The plan should incorporate procedures to follow for specific types of disasters.” 2

This article will discuss the requirements for contingency plans, including how and what to communicate during a disaster and guidelines for plan testing and employee training.

Creating your contingency plan

A first step in developing a contingency plan is to analyze and identify where your practice may be vulnerable.

  • “Perform an analysis of potential disasters affecting your facility by reviewing patient, staff and physical safety as well as the protection of medical and business records. Are there potential hazards located nearby? Is there a river that may overflow or a volatile chemical plant?
  • Consider all possibilities such as utility failures, a natural gas explosion, a broken water main or a lightning strike causing a fire in your office when every treatment room is filled.
  • Prioritize events that may be unique to your setting such as women’s health centers being targets for bomb threats and violence.
  • Develop a specific plan for the prevention of workplace violence as well as domestic violence that could be brought to the work setting.
  • Consider collaborating with resources such [as] neighboring health care facilities, local law enforcement and the fire department. 
  • Plans should also consider that your office may need repair, and you may not be able to return for an extended period of time. Explore how long your practice could be shut down before impacting your finances.” 1

Use this information to address the four main elements of a HIPAA-compliant contingency plan. 

  1. “A data backup plan ensures that when disaster strikes, PHI is not lost or destroyed. A viable copy of all ePHI must be created that allows exact copies of ePHI to be restored, which includes all forms of ePHI such as medical records, diagnostic images, test results, case management information, and accounting systems. It is a good best practice to adopt a 3-2-1 approach for backups: Create three copies of data, store them on at least two different media, and have one copy stored securely offsite. Backups must also be tested to ensure the recovery of data is possible.”
  2. “A disaster recovery plan should establish the procedures that must be followed to restore access to data, including how files should be restored from backups. A copy of the plan should be readily available and stored in more than one location.”
  3. “An emergency mode operation plan must ensure critical business processes continue to maintain the security of ePHI when operating in emergency mode, for example when there is a technical failure or power outage.”
  4. Procedures for testing and revision of contingency plans — “all elements of the contingency plan must be regularly tested and revised as necessary. OCR recommends conducting scenario-based walkthroughs and live tests of the complete plan.” 2

Other key elements of contingency plans 

Plan activation and timing

Ask yourself, what event(s) will cause the activation of the contingency plan? Who has the authority to activate the contingency plan? What must be done during the first hour, day, or week? Ensure that all members of your staff fully understand the conditions of plan activation and timing. 2

Staffing

Complete and update a staff emergency contact form. Contact information should be kept on the physicians, the practice administrator or manager, other key staff members, IT staff, building management, internet service provider, electricity provider, and cyber insurance carrier. If possible, include phone number, cell phone number, email address, physical address, and, if different, a mailing address for each contact.

Employees should have the contingency plan and contact information available on paper, with copies stored at home and in the office. 3

Patient care

If your office is directly affected by the disaster and you are unable to see patients, refer your patients to alternative sources of care such as colleagues, specialists, the ED, or an urgent care clinic. Carefully document any instructions given to patients.
 

If it is accessible, review your office schedule to determine which patients missed appointments during the disaster, and review upcoming appointments. If possible, contact these patients to confirm their situation and document these efforts in their medical records. 1

Medications

Some patients may have left necessary medications behind as they evacuated their homes and may need replacement prescriptions. When contacting your patients, ask about their current situation, their medications, and any need for refills. If possible, call any needed refills into a local pharmacy. 1

Medical records and practice management software

  • Determine how the practice would function regarding documenting care, communicating with patients, placing orders, and billing for services if your practice software and EHR were unavailable.
  • What paper forms would you need to run the practice without the EHR?
  • Create an emergency contact list of vendors and phone numbers. Keep copies of the contact forms and any other forms you need to operate if you cannot access your systems.
  • Key employees should have the contingency plan and the contact forms available with copies stored at home and in the office. 3

Phone lines, website, social media

Ensure phone lines continue working or are backed up and brought back quickly. Even if your office is not ready to reopen, create an outgoing phone message to keep your patients and staff updated on your status. Update the message as new information regarding your practice becomes available. You can also post updates on your practice website, patient portal (if available), and social media. 1

Practice paperwork

Important documents — insurance policies, lease agreements, real estate records, contracts, equipment warranties — can be scanned and stored digitally. Paper copies of these documents are best stored in a safe or safe deposit box. Maintain a record of the location of these documents. 1

Evacuation and shut down

  • Know where your office gas, electricity, and water connections are in case you need to turn them off. If feasible, keep back-up generators or a storage plan for your refrigerating systems.
  • Be prepared for an orderly evacuation, including communicating with your business neighbors.
  • For surgical or diagnostic facilities, determine whether it is safe for a procedure to continue or whether patients can be transported to another facility.
  • If working in multistory buildings, be prepared to use the stairs, not the elevator.
  • If conditions are safe, staff and patients should meet outside at a predetermined location.
  • Designate staff to ensure all patients, visitors, and staff are out of the building.
  • If your practice has a web-based or cloud-based EHR — and you have advance warning — make sure you take at least one mobile device with you so you may access it. If the practice has a local server, power down the server and move it. However, IT staff may be the only ones with the admin password needed to power down the server. In any case, take copies of the back-up if stored on site.
  • If time permits, turn off equipment and secure drug cabinets and medical supplies.
  • Secure cash/receipts and remove them, if possible.
  • Place calls on forwarding to a secure source.
  • Redirect arriving patients and post signs at the building and on your website and social media warning that the building is closed. 1

Insurance discussions

“Review the available coverage for physical repairs, record restoration, setting up a temporary practice location and other practicalities to allow you to return to the practice of medicine.” 1

Disaster documentation

“Create and retain a record of the disaster event and a list of any patient records affected, with recovery efforts, successes and failures outlined. This will allow for easy retrieval of general information should any legal or accreditation issues arise subsequent to the emergency.” 1

Documentation of the incident can also help you prepare for other potential disasters and emergencies. “An after-action report is a great learning tool, as are post-incident meetings, in which all responders come together to discuss best practices, lessons learned, and areas to improve.” 4


Establishing a communication plan

Each emergency situation requires communicating with key individuals including emergency government resources, physicians/advanced health care professionals, patients, vendors, and staff.

  • Power may be down, so it may be helpful to have printed plans and an emergency contact list that includes phone numbers and emails for government emergency agencies, local hospitals, partners, colleagues, vendors, and others.
  • Develop a staff communication tree designating the staff members who will communicate with those on the contact list. 1

Can you share patient information?

During disasters, questions may also arise about what kind of health information can be shared with friends and family, public health officials, and emergency personnel. 5

The HIPAA Privacy Rule allows patient information to be shared to assist in disaster relief efforts, and to assist patients in receiving the care they need. While the HIPAA Privacy Rule is not suspended during a public health or other emergency, the Secretary of the U.S. Department of Health and Human Services (HHS) may issue temporary, limited waivers of certain HIPAA provisions during a disaster or declaration of a public health emergency. 6 These waivers are typically issued as HIPAA bulletins on the HHS website. (For example, please see the bulletin issued during Hurricane Beryl and the 2021 Texas winter storm bulletin.)

Preparing, training, and testing 


HIPAA rules require physician practices to test and assess their plans. Contingency planning for HIPAA compliance “should be an ongoing process with plans regularly checked, updated, and tested to ensure any deficiencies are identified and addressed.”

  • Train staff about their roles during an emergency.
  • Conduct drills at least twice per year. Always look for ways to improve your response to emergency situations.
  • Restoring your patient data from a backup may be required if your practice is hit with a ransomware or other hacking attack. To ensure the backup will fully restore your systems, test these backups at least once per year. 1 

Contingency planning can help you provide the best possible care for patients during an emergency or disaster. “An office emergency preparedness program removes the anxiety of dealing with unusual issues, keeps necessary medications and equipment current and in working condition, and identifies problems prior to an actual emergency so that they can be resolved.” 7


Recovering damaged medical records

If your practice experiences an IT system failure or structural damage as the result of a disaster, please refer to these guidelines for recovering damaged medical records.

Report the loss to your general liability/property/cyber insurance carriers. Keep the documentation sent to and from your property insurance carrier verifying water damage or other event. In the event of a medical liability claim, this documentation could be important. Having the appropriate documents could protect you against an allegation of intentional “spoliation” of records.

If applicable, immediately contact your EHR vendor regarding recovery of data and back-up records.

If any records are salvageable, try to preserve them. There are companies that specialize in paper and digital document remediation. Be sure to obtain a HIPAA Business Associate Agreement with any vendor (IT service, document restoration or destruction).

If the records are not salvageable and what’s left of them needs to be destroyed, be sure that the destruction (shredding, erasing of hard drives or servers, etc.) is complete and well documented. Keep a list of all patients whose records were destroyed, along with details of what happened, dates, etc.

Try to re-create records as best you can by requesting outside records such as lab reports, diagnostic testing, operative reports, and other records. It may also be worthwhile to upload information from practice management software and investigate the recovery of any recorded or transcribed records from outside services or voice recognition software. Any “re-created” records should be clearly labeled as such, with the current date. You may also wish to make a copy or photograph of the records.

The documentation should reflect what happened (water damage, record destroyed) and that the patient’s history is uncertain due to lost information as of (date), etc. At your discretion, you may consider whether to obtain new history forms and/or talk to the patient to gather additional history.

Conduct an assessment to evaluate the potential or actual breach of protected health information and determine your next steps. Contact your liability insurer to investigate whether you have coverage for possible privacy breaches. If so, they will be able to assist you in determining whether patient notification is required and how to proceed.

Health insurance carriers may require attestation forms regarding lost/destroyed records. Check with your carriers about this.

Volunteer and charity care

Each year thousands of physicians and other health care professionals volunteer to help those in need of medical treatment after a natural disaster or other emergency. One of the challenges of volunteering in the health care field is the fear of malpractice liability associated with providing these services. Fortunately, both state and federal laws offer some liability protection to volunteer health care professionals. This article covers applicable laws in Texas. If you practice outside of Texas, please refer to your state medical board for guidance. 

Texas state law

Texas has both a charitable immunity law and a Good Samaritan law. Good Samaritan laws protect health care professionals providing care in emergency situations. Charitable immunity laws protect health care professionals who provide non-emergency care for certain charitable organizations. 8

In general, these laws make it more difficult for plaintiffs to win a liability claim but do not guarantee that volunteers will not be sued. The legal immunity provisions prevent liability awards. They do not prevent lawsuits. Anyone who can afford a filing fee can file a lawsuit. The physician is then left to assert the immunity statutes as an affirmative defense. (Affirmative defense means that after the lawsuit is filed, the physician must prove the law provides protection.) 9, 10

Texas Good Samaritan law

Under the Texas Good Samaritan law, a physician who “in good faith administers emergency care is not liable in civil damages for an act performed during the emergency unless the act is willfully or wantonly negligent.” 11 The law applies to a person who administers care using an external automated defibrillator or who administers emergency care as a volunteer first responder. 11

Physicians providing emergency care at the scene of an emergency are immune from civil liability unless:

  • their actions are willfully and wantonly negligent;
  • they expect payment for the care;
  • they regularly administer care in a hospital emergency department (unless they are at the scene of the emergency for reasons not related to their work);
  • their actions caused the emergency; or
  • the physician was at the scene soliciting business or seeking to perform a service for remuneration. 11

It should be noted that the Texas Good Samaritan law does not apply when a physician is practicing in a hospital emergency department.

Charitable immunity

A state law known as the Charitable Immunity and Liability Act of 1987 provides physician volunteers with civil liability limits for performing nonemergency care for certain charitable organizations. 12

Under the act, a “volunteer” is a person rendering services for a charitable organization who does not receive compensation in excess of reimbursement for expenses incurred. This includes a person serving as a director, officer, trustee, or direct service volunteer. 12

There are 10 types of health care providers who may be “volunteer health care providers,” provided that they are either licensed or retired and eligible to provide health care services under Texas law. These include practicing or retired: physicians, physician assistants, registered nurses (including advanced practice nurses), vocational nurses, pharmacists, podiatrists, dentists, dental hygienists, and optometrists or therapeutic optometrists. 12

According to the law, a volunteer health care provider who is serving as a direct service volunteer of a charitable organization is immune from civil liability for any act or omission resulting in death, damage, or injury to a patient if the following requirements are met:

  • the provider acted in good faith in the scope of volunteer duties within the organization;
  • the act or omission was committed in the scope of providing health care services;
  • the services are provided within the scope of the volunteer's license; and
  • the volunteer obtains a written statement signed by the patient or the patient's legal guardian that acknowledges limitations on the recovery of damages from the volunteer and stipulates that the volunteer does not expect compensation for the service. 13 (Please see sample disclosure form below.)

For a complete list of qualifying charitable organizations, please see Texas Civil Practice and Remedies Code, Chapter 84, Section 84.001-84.004. 12

In 2019, the Texas Legislature passed Senate Bill 752 to “fill the gap” in existing law to limit civil liability for health care professionals who are not affiliated with a charitable organization. SB 752’s liability protections are in place “regardless of whether services are provided in connection with an emergency (some care may not be emergent), or whether the services are provided in connection with a nonprofit or at the direct request of a governmental entity.” 14

SB 752 does not apply to “reckless conduct, or intentional, willful, or wanton misconduct during the provision of care, advice, or assistance. Accordingly, a health care institution may still be held vicariously liable for a volunteer health care professional who engages in this prohibited conduct while providing services during a natural or man-made disaster.” 14

Federal law

Physician volunteers are also protected under the federal Volunteer Protection Act (VPA). 15 Passed by Congress in 1997, the VPA provides all volunteers for nonprofit organizations and government entities with protection from liability for harms caused by their acts or omissions while serving as volunteers.

This federal statute pre-empts any conflicting state law, although states may enact broader protections. Four requirements must be met for the law to apply:

  • the volunteer is acting within the scope of his or her responsibilities;
  • the volunteer is properly licensed, certified, or authorized by the state to practice;
  • the harm was not caused by willful or criminal misconduct, gross negligence, reckless misconduct, or conscious indifference to the rights/safety of the person injured; and
  • the harm was not caused while the volunteer was operating a motor vehicle or other vehicle for which a license or insurance is required. 15

The liability limitations only apply to the volunteer (not to the organization) and “volunteer” includes individuals serving as directors, officers, trustees, or a direct service volunteer. Volunteers must not receive compensation or anything in place of compensation that is in excess of $500. 15

Under the VPA, two types of organizations qualify as nonprofit organizations: a 501(c)(3) organization as defined by the Internal Revenue Code and exempt from tax under 501(a); and any nonprofit organized for the public benefit and operated primarily for charitable, civic, educational, religious, welfare, or health purposes. The organizations must also not practice any action which constitutes a hate crime. 15

The VPA does not limit liability for crimes of violence; international terrorism; acts that constitute a hate crime; sexual offense; civil rights violations; or if the volunteer was under the influence of alcohol or any drug at the time of the misconduct. 15

Risk management considerations

  • Though the federal and state laws described in this article make it more difficult for a plaintiff to win a liability suit, they do not guarantee that a physician volunteer cannot be sued. This being the case, follow the same risk management practices you follow when caring for any patient — stay within your scope of practice, refer when appropriate, thoroughly document encounters in the medical record, communicate patient instructions clearly, etc.

  • In certain situations, you may not have access to the patient’s medical records or be able to contact any previous treating physicians. You may have to rely on the patient to obtain a medical history. Because patients may provide incomplete or inaccurate information and the patient’s medical history could become a contested issue in a malpractice claim, document this information in a way that makes it clear this is what the patient told you. For example, “patient reports no drug allergies” or “patient says his last cardiac work-up was normal.”

  • Specifically, when volunteering or providing charity care, stay within your scope of service and license, and obtain written consent from the patient. (Please see sample disclosure form below.) This will increase the likelihood that you will be protected by state and federal charitable immunity laws.

Sample consent form for use by volunteer health care professionals in non-hospital charitable organizations.

Consent for charity care 

I, ___________________________, acknowledge that Dr. __________________ is a volunteer health care provider, and is not administering care for or in expectation of compensation. I also understand that as a volunteer health care provider, the physician is immune from civil liability for any act or omission resulting in death, damage, or injury as long as the volunteer acts in good faith and in the scope of his or her duties within the organization in providing the health care services.

Furthermore, I realize that the civil liabilities of both the charitable organization and an employee of the charitable organization are limited to money damages of $500,000 for each person, $1,000,000 for each occurrence of bodily injury or death, and $100,000 for each occurrence of injury to property. These limits apply to the employee and the organization separately; they are not aggregate limits.

_______________________________                                     _______________________

Patient’s signature                                                         Date

Emergency and disaster response resources

Federal 
Texas, state
Texas, local 

Associations and professional organizations

Sources

  1. Porcaro J. Disaster preparedness for physician offices. American Society for Health Care Risk Management website. December 12, 2018. Available at https://forum.ashrm.org/2018/12/12/disaster-preparedness-for-physician-offices/. Accessed June 17, 2024.
  2. Alder S. HIPAA rules on contingency planning. The HIPAA Journal. December 14, 2023. Available at https://www.hipaajournal.com/hipaa-rules-on-contingency-planning/. Accessed June 17, 2024.
  3. Bryant C, Toerner K. Contingency planning for your practice. TMLT webinar. February 2022. Available at https://hub.tmlt.org/webinars/contingency-planning-for-your-practice. Accessed June 17, 2024.
  4. Odisha State Open University. Disaster Strikes — Environmental Health Responds: Stories from the Field. Reporting, Documentation, & Record-Keeping. Available at https://osou.ac.in/eresources/reporting-documentation-record-keeping.pdf. Accessed April 10, 2024.
  5. U.S. Department of Health and Human Services. Emergency Situations: Preparedness, Planning, and Response. September 13, 2023. Available at https://www.hhs.gov/hipaa/for-professionals/special-topics/emergency-preparedness/index.html. Accessed June 17, 2024.
  6. U.S. Department of Health and Human Services. Is the HIPAA Privacy Rule suspended during a national or public health emergency? Last reviewed December 28, 2022. Available at https://www.hhs.gov/hipaa/for-professionals/faq/1068/is-hipaa-suspended-during-a-national-or-public-health-emergency/index.html. Accessed June 17, 2024.
  7. Rothkopf L, Brennan-Wirshup M. A Practical Guide to Emergency Preparedness for Office-Based Family Physicians. Family Practice Management. March/April 2013. Available at http://www.aafp.org/fpm/2013/0300/p13.html. Accessed June 17, 2024.
  8. Texas Medical Association Office of General Counsel. Charitable immunity. July 2014. Available at https://tma.custhelp.com/app/answers/detail/a_id/759. Accessed June 17, 2024.
  9. Berlin J. Pandemic poses legal pitfalls: TMA seeks better liability shields. Texas Medicine. August 2020. Texas Medical Association. Available at https://www.texmed.org/Template.aspx?id=54308. Accessed June 17, 2024.
  10. Brockway L. Volunteer and charity care. Texas Medical Liability Trust Resource Hub. Available at https://hub.tmlt.org/tmlt-blog/volunteer-and-charity-care. Accessed June 17, 2024.
  11. Texas Civil Practice and Remedies Code. Chapter 74. Section 74.151 Liability for emergency care. Available at https://statutes.capitol.texas.gov/Docs/CP/htm/CP.74.htm. Accessed June 17, 2024.
  12. Texas Civil Practice and Remedies Code. Chapter 84. Charitable Immunity and Liability. Section 84.001-84.004. Available at https://statutes.capitol.texas.gov/Docs/CP/htm/CP.84.htm. Accessed June 18, 2024.
  13. Texas Civil Practice and Remedies Code. Chapter 91. Liability of volunteer health care practitioners. Section 91.001-91.004. Available at https://statutes.capitol.texas.gov/Docs/CP/htm/CP.91.htm. Accessed June 18, 2024.
  14. Texas Medical Association Office of General Counsel. Disaster Liability: Limiting liability for volunteer health care professionals during a disaster. A General Overview of Senate Bill 752 (86th Legislature). August 2019. Available with login at https://www.texmed.org/Template.aspx?id=51291. Accessed April 10, 2024.
  15. U.S. Code Title 42. Chapter 139—Volunteer Protection. Section 14501-14505. Available at https://uscode.house.gov/view.xhtml?path=/prelim@title42/chapter139&edition=prelim. Accessed June 18, 2024.