Healthcare
Lawsuits and Lessons Learned
Since the adoption of special amendments to the Federal Rules of Civil in late 2006, the field of e-discovery law has become more dangerous for healthcare organizations.
Recent cases show courts are serious about expecting litigants to possess and be able to find their email and other electronic records. Litigation trends suggest that a healthcare institution is wise to be generous in the retention of email by decision-makers and to be capable of easily finding and searching the more recent records.
A prudent course would be for the institution to implement a central e-mail archival system.
HealthSouth Corporation
Electronic records such as email do more than satisfy discovery requests in litigation. They serve as a check against mistake, fraud and other wrongdoing. Healthcare institutions need these records to enable investigations of misconduct on the part of administrators or other decision-makers. For example, the board of directors of HealthSouth Corporation (an operator of multiple hospitals) discovered massive accounting and Medicare fraud within the company. More than a dozen company officials pled guilty to fraud.(1)
However, part of the board’s investigation was hampered by the company’s policy of destroying email relatively quickly. The board’s Special Audit Review Committee reported that it was unable to learn everything about the fraud on account of “the unavailability of certain corporate records” and “the Company’s email retention practices, which ha[ve] resulted in the elimination of most electronic communications generated during the period under investigation.”(2)
A board of directors has a fiduciary responsibility to oversee the actions of management. A hospital board, for example is concerned with the potential for accounting improprieties and Medicare fraud.5 The board’s oversight function requires access to email records. Those records contribute to corporate internal control, and make misconduct like bogus Medicare billings more difficult.
Caremark
A board of directors has much incentive to fulfill its fiduciary responsibility here. If it does so, it protects itself from liability. Take for instance the story of Caremark International, a supplier of medical products and services. The company had paid the government a $250 million fine because some employees had been bribing physicians to prescribe the company’s products and services to Medicare patients.
In the wake of this fine, the shareholders sued the board of directors, claiming it had not done enough to prevent the bribery. However, the board had a defense. The board had implemented a substantial ethics program and a system of internal controls to prevent bribery. Even though the board’s efforts failed to prevent all bribery, they were enough to protect the board from liability. The court held the board had met its fiduciary duty. (3)
The lesson from the Caremark case is that boards simply must take reasonable steps to achieve internal control and shut down fraud. Today, the retention of decision-maker email is one such step, as it is not very difficult or expensive.
Sonnino v. University of Kansas Hospital Authority
The scope of the demand for records in a lawsuit – even one involving a healthcare institution – can be extensive. In Sonnino v. University of Kansas Hospital Authority. (4) for instance, a medical professor sued a university hospital for retaliation after she had complained about sexual discrimination. She claimed her hospital privileges had been improperly curtailed.
Under the powers of discovery in the litigation, she demanded access to voluminous e-mail and other records of many administrators and professionals at the hospital. Her rationale for demanding these records was that they could possess evidence of whether decision-makers had engaged in retaliation. The hospital objected on the grounds that her demands for discovery were too broad and onerous, but the court upheld the professor’s demand. The hospital eventually settled the case.
Our legal and political culture harbors a deep belief that if records were created, they need to be retained and disclosed for the purpose of resolving disputes. Hospitals have therefore been held liable for failing to preserve patient records.
Fox v. Cohen
In Fox v. Cohen, for example, a hospital was found negligent for losing records that would have supported a patient’s malpractice claim against a physician.(5) Courts judge records management decisions retrospectively, in other words, with 20/20 hindsight. Courts evaluate a party’s record retention and destruction practices after they have been implemented.
What this means in practice is that organizations are at risk. If an institution makes a record-keeping mistake, it can be punished for failing to possess or find the records that a court later believes should have been preserved.
Hence, it has incentive to give itself a margin for error and store more.
Contact us for a free 30 minute email policy consultation.
1. “HealthSouth Report Finds $2.7B in Fraudulent Accounting Entries,” June 3, 2004
http://www.webcpa.com/article.cfm?articleid=4618&page=2
2. Special Audit Review Committee forensic accounting report, May 28, 2004, attached as Exhibit to Form 8-K filed with the Securities and Exchange Commission by HealthSouth Corp. on June 1, 2004.
US Department of Justice Press Release, March 15, 2007, “New Jersey Hospital to Pay United States $7.5 Million to Resolve Allegations of Defrauding Medicare.”
3. Caremark International Inc. Derivative Litigation, 698 A.2d 959 (Del. Ch. 1996).
4. 220 F.R.D. 633 (D. Kan. 2004); http://www.aauw.org/advocacy/laf/cases/sonnino.cfm
5. 406 N.E.2d 178 (Ill. 1980).
©Copyright Benjamin Wright 2008.
