Recording Phone Calls, Quirky Question # 85

Posted by on March 4, 2009 · Leave a Comment 

Quirky Question # 85:

We recently heard a rumor that a member of our software engineering staff is planning to leave and start a software company of his own that may compete with us.  Further, we have heard that he is discussing his plans with others outside of our company using the desk phones in our San Francisco office.  We would like to record his conversations to see what he is planning and whether he is using any of our proprietary information or soliciting any of our employees to join him.  Since we own the telephone system, can’t we record or listen in to his calls?

[Readers: Quirky Question # 85 was submitted to my colleagues in our Palo Alto office.  The analysis was provided by Jennifer Prieb.  If you have questions or comments, don't hesitate to contact Jennifer directly at prieb.jennifer@dorsey.com, or 650.843.2745.  Jennifer, a 2004 graduate of Azusa Pacific University and a 2007 graduate of Santa Clara University School of Law, would be happy to address your inquiries.  Regards, Roy]

Jennifer’s Analysis:

While you may have good reason to worry about whether this employee is using your confidential information or improperly soliciting your employees, eavesdropping on telephone conversations to find out is very risky in all states, especially California.  Although federal law provides limited exceptions that allow employers to monitor private telephone conversations, California law subjects employers to criminal and civil penalties for the same, even when the employer owns the communication system.

As information technology has expanded in the workplace, so too have legal and ethical privacy issues for employers.  Monitoring the use of electronic equipment in the workplace can be tricky, and employers need to understand the strict federal and state laws that limit those actions.  Generally, both federal and California laws prohibit eavesdropping through the monitoring or recording of confidential telephone conversations.   

The Federal Electronic Communications Privacy Act 

An employer who “provides” a telephone and/or voice-mail system may access those systems only under certain conditions.  As a general rule, the Electronic Communications Privacy Act (“ECPA”) prohibits intentional interception or disclosure of electronic communications.  18 U.S.C. § 2501, et seq.; 18 U.S.C. § 2701, et seq.  Courts have found that eavesdropping or recording a conversation at the time of transmission constitutes “interception.”  United States v. Meriwether, 917 F.2d 955 (6th Cir. 1990); Fraser v. Nationwide Mutual Insurance Co., 135 F. Supp. 2d 623 at 634.  On the other hand, mere retrieval of stored information, such as voice-mail, probably would not be considered a violation of the Act because the transmission has already ceased.   

There are two key exceptions to the ECPA that allow employers to monitor their employees.  First, an employee may either expressly or impliedly consent to an employer’s monitoring.  Federal courts are split on what constitutes implied consent, and they often examine the way a company sets out and enforces its policies.  Although courts are usually reluctant to find implied consent, it has been found where

the employee is informed of the well-known monitoring program and the policy is consistently enforced.  If the policy is not clear that personal calls as well as business calls will be monitored, then consent may not be found. 

The second ECPA exception to electronic monitoring allows employers to monitor an employee’s telephone calls or voice-mail messages in the ordinary course of business.  For example, if the communications are intercepted by employer telephones or related equipment for the purposes of customer service or training, the business use exception would likely apply.  Even so, courts look to whether there is a reasonable business justification for the monitoring in each case, and have created somewhat varying standards when applying this exception. 

The ECPA was designed for those employers who “provide” phone and/or voice-mail systems, and, thus, it does not apply to employers whose electronic systems are provided by an outside entity.  Because you own your company’s telephone system, your company may fall within the federal exceptions to telephone monitoring, so long as you set forth and consistently enforce clear policies, obtain the consent of your employees, and conduct the monitoring in the ordinary course of business.  California law, however, is a very different matter. 

California Privacy Act 

In California, persons who eavesdrop or surreptitiously record workplace conversations are vulnerable to civil or criminal liability under the Privacy Act.  Cal. Penal Code § 630, et seq.  Unlike federal law, California does not provide a business use exception, but it does permit electronic monitoring of “confidential communications” with the consent of all parties.  

The Privacy Act defines “confidential communication” as “any communication carried on in circumstances as may reasonably indicate that any party to the communication desires it to be confined to the parties thereto.”  Excluded from this definition is “a communication made in a public gathering . . . or in any other circumstance in which the parties to the communication may reasonably expect that the communication may be overheard or recorded.”   

In 2002, the California Supreme Court adopted a broad reading of the Privacy Act to resolve a split in the Courts of Appeal concerning the definition of “confidential communications.”  Flanagan v. Flanagan, 27 Cal.4th 766 (2002).  The court held that the Privacy Act applies to “the actual conversation, not its contents,” and distinguished between “simultaneous dissemination” of a conversation and the “secondhand repetition” of its contents.  This means that eavesdropping is prohibited in California only if done while the message is in transit.  As a result, the mere retrieval of stored voice-mail messages that have already been transmitted may limit an employer’s exposure to criminal or civil liability.  

Many employers choose to notify employees in advance, through a written policy within their employee handbook, that their activities may be monitored.  Under any circumstances, an employer should warn all employees using its electronic communication systems that they should not expect their communications to be private.  Some may even go so far as to indicate on outgoing voice messages that the caller’s message may be monitored by the company.  However, because California law requires the consent of both parties to a “confidential communication,” eavesdropping or recording is prohibited if any party to the conversation expects it to be private.  For this reason, while there are certainly steps you can take to protect your confidential information, especially if you have a written technology usage policy in place, recording or listening in on the employee’s calls may be a perilous option.

Filed under California Questions, Privacy Rights · Tagged with

Secret Use of Video Cameras to Monitor Employees, Quirky Question # 49

Posted by on July 28, 2008 · Leave a Comment 

Quirky Question # 49:
We have had various situations where we have thought that secretly installing a video camera would help us identify individuals behaving inconsistently with our company’s workplace rules.  We don’t know whether this is a good or bad idea and we don’t know what risks are associated with secret videotaping of our employees.  Do you have any thoughts on this subject that you would be willing to share?

Roy’s Analysis:
Your question is a good one, but you have not given me quite enough information to respond specifically.  What types of “situations” have you had where you concluded that the secret  installation of a video camera would benefit the company?  What types of conduct has occurred that you believe is “inconsistent with your company’s workplace rules?”  Are you referring to the theft of company property?  Illegal drug use?  Something else entirely?  Depending on the nature of the problem your company is confronting, you may or may not want to consider secret video surveillance of your employees. 

In addition, there are a few other questions I would pose to you.  First, where do you intend to install the cameras?  Second, are the cameras going to be on 24-7, or will they be confined to the hours following the conclusion of the workday?  Third, is your workforce unionized?  Fourth, if the existence of the cameras became known to your employees, how do you think they would react?  Finally, are there less intrusive methods of gathering the information you deem important?  Each of these questions should be assessed by you when considering whether to install video cameras without your employees’ knowledge.

In general, with respect to non-union employees (union employees are discussed further below), the use of secret video cameras is permissible.  But I wonder whether use of the cameras is worth the ill-will that likely would be generated (“the company was spying on us” reaction) if the existence of the cameras is revealed at some point.  (And, you should assume that, at some point, your company’s use of the cameras will be revealed.)  Another concern I have is that the use of video cameras creates the opportunity for mischief.  This could apply both to how the cameras are used and what is done with the videotapes generated by the surveillance.

For example, let me start with an extreme (and I hope, atypical) scenario, which concededly is beyond the scope of your question.  In a case out of Georgia in 2005, a male supervisory employee at a company set up a video surveillance camera in the ceiling of a women’s worksite restroom.  The outcome of the ensuing litigation was predictable – the company lost the “invasion of privacy” litigation even though it claimed ignorance of the supervisor’s conduct.  See, Johnson vs. Allen (Ga. Ct. App. March 17, 2005).  Oh yeah, another consequence of the behavior was that the supervisory employee was fired.

Even if the supervisor was not just a voyeur and had a legitimate purpose in mind, the secret installation of video cameras in a bathroom, locker room, or similar location is going to lead to litigation the company will not be able to win.  For example, even if a company had credible evidence that narcotics sales were taking place in the women’s restroom, the solution is not to install video cameras in the women’s restroom.  Call your County Attorney and let the prosecutors and police determine the best way to address your suspicions regarding the sale of narcotics. 

Another case, this one from California, illustrates the potential problems with regard to the use of secret video cameras, even if the employer is trying to address a legitimate workplace problem.  In the case of Hernandez v. Hillsides, Inc., B-183713 (Ct. App. September 14, 2006), the employer set up a motion-activated camera in an office to determine who was accessing a company computer at night to view pornography.  A manager disconnected the camera each day before the workday began and reconnected the camera each night after the workday was over.  One day, the manager forgot to disconnect the camera in the morning.  Of course, this was the day that two employees discovered the still-recording camera.  They sued for invasion of privacy.  Although the trial court found that the employer’s interest in installing the video camera was legitimate, and outweighed the two employees’ expectation of privacy in their shared office, the appellate court disagreed.  The California Court of Appeals found that an employee “need not establish that he was actually viewed or recorded to succeed on a cause of action for invasion of privacy.”  The court noted that the employer could have used the camera if it provided notice to the employees that the camera was in use.  But, obviously, this typically would defeat the purpose of the monitoring.  [Note that the California Supreme Court accepted review of the Hernandez decision in 2007.  I have not seen, however, any subsequent activity relating to this case.]

The Hernandez case was decided on the protections afforded by the California Constitution.  This highlights another point applicable to this question, and much of employment law.  Although there are critically important federal statutes regulating many facets of employment law (Title VII, the Americans with Disabilities Act, the Age Discrimination in Employment Act, the National Labor Relations Act, to name just a few), much of employment law is state law dependent.  What may be acceptable in Minnesota may not be acceptable in California or other jurisdictions.  Therefore, when determining the appropriate course of conduct for your employer, you must consider where your policies or procedures will be applied. 

As referenced above, another key consideration when evaluating the use of secret video surveillance is whether the employees being monitored are parties to a collective bargaining agreement.  The National Labor Relations Board has held that it is an unfair labor practice to install hidden surveillance cameras without bargaining with the workers on this subject.  See, Anheuser-Busch, Inc., 342 NLRB No. 49, 7/22/04.  But, in a split decision, the NLRB did NOT revoke the discipline imposed on the workers (including discharge) based on the activities revealed by the surveillance cameras. 

As these examples illustrate, the decision to utilize secret video surveillance is not an easy one.  You should ensure that the individuals involved in setting up and monitoring the cameras, as well as handling the tapes, are completely responsible.  You should consider carefully whether there is a less intrusive method of obtaining the information provided by the video cameras, recognizing that some courts (especially in some states) may be particularly sensitive to the privacy interests of the affected employees.  And, you should ensure that the interests you are seeking to protect could be legitimately juxtaposed to the privacy intrusion represented by the use of this surveillance technique.  If you are confident about your analysis of these issues, when applied to the law of the jurisdiction where you seek to install the cameras, and if you are cognizant of the fact that such use would not be appropriate for a unionized workforce, you may elect to utilize surveillance cameras.  Finally, however, be attuned to the impact such use, if disclosed, would have on management-employee relations.  When you factor that variable into your calculus, you may decide that the benefits of surreptitious surveillance just aren’t worth it. 

Filed under Privacy Rights · Tagged with

Disclosing Information Regarding Past Felony, Quirky Question # 38

Posted by on May 27, 2008 · Leave a Comment 

Quirky Question # 38:

Our company is a food retailer.  We hired a convicted sex offender, who, after serving time in prison for his felony conviction, had been released.  Given that he had “paid his debt to society,” we felt that we should not refuse to hire him because of his prior conviction.  Moreover, because the job for which he was hired involves very limited interaction with the public, we were not concerned about any risks there.

Very few employees in our organization are aware of our employee’s prior conviction and incarceration, but as the Director of Human Resources, I am knowledgeable about the employee’s felonious past.  It recently came to my attention that one of our other employees occasionally has allowed the convicted sex offender to baby-sit for her pre-teen daughter.  Do I have a legal duty to intervene?  What are the risks of intervention?  Are there any risks to non-intervention?

Roy’s Analysis:

Several weeks ago, I addressed the fundamental issues involved in the legal theory of “negligent hiring.” (See Quirky Question # 26, or access it by using the “View by Topic” tab at the upper right). As I explained previously, in the seminal Minnesota case on that topic, Ponticas v. K.M.S. Investments, the Minnesota Supreme Court emphasized that “an employer has a duty to exercise reasonable care in view of all the circumstances in hiring individuals who, because of their employment, may pose a threat of injury to members of the public.” As your question demonstrates, you already have given some thought to this issue. You are fully aware of the employee’s past conviction and as you note, given the employee’s limited interaction with the public, you do not feel that you are exposing the public (and, ultimately, your company) to risk on that front.

A decade after the Ponticas decision, another grim case made its way through the Minnesota judicial system that implicated analogous issues. That case, Yunker v. Honeywell, Inc., 496 N.W.2d 419 (Minn. Ct. App. 1993), involved a bizarre fact pattern. A Honeywell employee, Randy Landin, became infatuated with a co-worker. The infatuation was not reciprocated, however, and Landin responded by murdering his co-worker. Landin was convicted of the lesser offense of manslaughter and sent to prison. After serving five years in prison, he was released. (An entirely separate question, beyond the scope of this analysis, is whether five years in prison is a sufficient penalty for taking another person’s life.)

After he was released from prison, he reapplied for a custodial position at Honeywell. Like your company, Honeywell concluded that he had discharged his debt to society, and rehired him. Like your firm, Honeywell took into consideration the fact that the employee, by virtue of the position he would occupy, would have relatively little contact with the public. Honeywell apparently concluded that his past conduct would not pose a risk to other Honeywell employees or members of the public.

Unfortunately, Honeywell was wrong. Not long after he was hired, Landin became interested in another Honeywell employee, a female employee who also worked on Honeywell’s custodial staff. As had happened previously, his amorous sentiments were not reciprocated. Tragically, his response to this second “rejection” was the same as his response to the first – he murdered the co-worker who had rejected him. The co-worker’s estate sued Honeywell on multiple theories, including negligent hiring, negligent retention and negligent supervision.

The Minnesota Court of Appeals rejected the decedent’s estate’s negligent hiring theory, a decision driven largely by a public policy analysis. As the appellate court pointed out, imposing liability on Honeywell under a negligent hiring theory would “essentially hold that ex-felons are inherently dangerous and that any harmful acts they commit against persons encountered through employment will automatically be foreseeable.” The court found that such a result would “offend our civilized concept that society must make a reasonable effort to rehabilitate those who have erred . . ..” Based on this reasoning, the appellate court concluded that “public policy” supports a “limitation on this [negligent hiring] cause of action.” (For reasons not directly relevant to your situation, the Court of Appeals did find that Honeywell had “negligently retained” the employee – he had engaged in other problematic behaviors since he had been rehired – and the case was sent back to the District Court on that theory.)

Applying that precedent to your situation suggests two points, neither of which (I admit) is directly responsive to your specific questions (which I will address below). First, it would appear that your company’s decision to hire this individual should not expose your company to a negligent hiring claim. As the Yunker court emphasized, if employers are precluded from ever hiring anyone with a felonious past, those individuals will be doomed to permanent unemployment. Second, however, you will need to monitor the situation closely. If the employee you hired engaged in any conduct that you found troubling, you will need to address that situation promptly. You do not want to allow a situation to remain unremedied, especially if the context implicated any of the issues relating to his prior conviction. Disregarding this potential problem could expose your company to considerable liability.

The fact pattern you presented, however, is more subtle. You did not suggest that the employee has engaged in any problematic conduct in the workplace. Rather, you simply have learned that the employee occasionally has been asked to baby-sit for a co-worker’s pre-teen daughter. The first question you asked is whether you have a “legal duty” to intervene. In my view, you do not. A company is not obligated to apprise its entire workforce of all of the dark secrets and past problems of which it is aware regarding all of its employees. Indeed, it would be an imprudent precedent to begin doing so for multiple reasons.

The next two inter-related questions you ask (what are the risks of intervention versus non-intervention) are tougher inquiries. As to the former, the risk of intervention would seemingly revolve around a potential defamation claim by the employee who had served time in prison. I will address defamation more thoroughly in other Blog postings, but the key point you need to understand here is that truth is a complete defense to a defamation claim. In short, to the extent you share any information with the employee who has asked the former felon to babysit, you need to be accurate. Do not embellish. Do not exaggerate. Stick to the facts and then stop. Taking this approach should eliminate any potential exposure on a defamation claim.

As to the latter (the risk of non-intervention), from a legal perspective, I see little risk to your firm. Even if your employee engaged in horrific conduct and sexually assaulted your other employee’s daughter, I do not believe that your company would risk legal exposure. (This assumes, of course, that you have not made affirmative representations to your employees regarding what a terrific babysitter this employee would make.)

I have suggested in a few of my other Blog postings, however, that the legal analysis often does not end the inquiry. I suggest that you consider this issue as a parent might consider it. In this context, the greatest risk of “non-intervention” is the risk that the pre-teen daughter might be assaulted. Although the likelihood of this possibility may be miniscule, the consequences if it did occur would be traumatic. Further, if you were asking someone to babysit for your daughter, I have little doubt that you would want to know whether the individual had previously served time in prison for a sex-related offense. When considering the issue in this context, I believe the desired course of conduct is clear – pertinent information should be shared with the employee who is having the ex-felon babysit for her daughter.

You may discover that the employee himself already has shared this information and has provided sufficient reassurance to his co-worker that she has no reticence about hiring him. You may discover that she was unaware of the pertinent facts but that she is willing to use him to provide this assistance despite his prior conduct. But, you also may discover that she was unaware of the employee’s background, is troubled by it, and wants to terminate the baby-sitting activities. At the present time, you do not know which of these scenarios might apply. Once you have shared the data (and done so with the request that it remain confidential), your employee will be able to make an informed decision regarding how she wishes to proceed. And I suspect you will sleep easier at nights if a subsequent problem ever does occur.

Filed under Criminal Convictions, Disclosing Past Felonies, Negligence, Negligent Retention, Negligent Supervision, Privacy Rights · Tagged with

Need for Search Warrant, Quirky Question # 36

Posted by on May 12, 2008 · Leave a Comment 

Quirky Question # 36:
We recently learned that one of our employees has illegal pornography on his work computer.  We know we can discipline him (up to and including termination).

The police recently requested a copy of his computer hard drive.  Can we turn the hard drive over to the authorities even if they do not have a search warrant?  Do we have to notify the employee that we are going to do so?

Roy’s Analysis:
 
Yes to your first question; no to your second inquiry. 
For the purposes of your inquiry, I will assume that you learned your employee had illegal pornography on his work computer when the police requested a copy of his hard drive and not before.  My assumption is that if you had learned previously and independently that your employee was engaging in illegal conduct (here, possessing illegal pornography), your company would have taken responsive actions to remedy that situation, including, possibly, notifying appropriate law enforcement officials. 

Courts continue to grapple with the issue of whether employees have expectations of privacy in their offices, including their computers, that generally would require investigative authorities to obtain a search warrant.  This analysis can be affected by a company’s past practices (has the company allowed employees to use their company computers for personal use; has the company allowed employees to download their own music, photos, and programs onto the company computer; do the employees have responsibility for servicing their own computer programs themselves; does the company periodically review the data on the employees’ computers; are employees given their computers upon resignation or termination; are the employees allowed to purchase their computers upon resignation or termination; etc.).  The answers to these and other inquiries may influence the calculus of whether an employee has a reasonable expectation of privacy in his or her company-issued computer equipment.

Another critical factor that bears on this analysis is what company policies have been promulgated regarding the employees’ computer use and access.  If a company has clearly delineated policies stating that it owns all of the computer equipment provided for its employees’ use, and that it retains the right to take possession of and/or review employees’ computers and other electronic equipment, as well as the emails communicated via this equipment, or other data generated or stored on the equipment, these policies affect the employees’ expectations of privacy.  Of course, there should not be a corporate disconnect between the policies on the company books and the company’s actual practices.

In early 2007, the question of police access to an employee’s computer, without the authorities first obtaining a search warrant, was addressed by the Ninth Circuit Court of Appeals.  See, United States v. Ziegler,  474 F.3d 1184 (9th Cir.) (superceding opinion filed on 1/30/07).

In the first Ziegler decision, the Ninth Circuit held that the employee could have no expectation of privacy given the company’s well defined policies regarding company computers.  Soon thereafter, however, the Ninth Circuit withdrew and revised its opinion, concluding that even in the context of company-owned computers and company policies specifying that the company had the right to access those computers at any time, employees nevertheless had a protectable 4th Amendment right against unreasonable search and seizure that required the police authorities to obtain a search warrant to access the materials on the computer. 

Despite this analysis, the Ninth Circuit also found that the employer, which owned the computer gear, and which determined who had permissible access to its premises, was authorized to give “consent” to the search, obviating the need for the search warrant.  Once the employer had authorized the police to have access to the company-owned computer, the police no longer needed to obtain a search warrant.  (This analysis is akin to other contexts where a joint property owner consents to a police search even in the absence of a warrant.)  Deservedly, the employee in Zeigler who had stored child pornography on his work computer, was toast.  

As to your second inquiry (whether a company is obligated to inform an employee of the police request for access to the computer being used by the employee), your company has no obligation to apprise your employee of the decision to provide the police access to the computer.  In general, employers are not obligated to inform employees of ongoing investigations, whether instituted by governmental investigative authorities or by the company itself.  Indeed, there are times when providing such notice to the employee would undermine completely the purpose of the investigation and could alter its results.   In the context of your questions, for example, if the employee had been apprised of the investigation, the evidence could have been deleted from the computer.
 
The bottom line is that generally employers do not have to require law enforcement authorities to obtain a search warrant to have access to a company-owned computer used by an employee.  Whether there may be strategic reasons for requesting the investigative authorities to return with a warrant is another question for another day.   

Filed under Pornography, Privacy Rights, Recent Decisions, Search Warrant · Tagged with

Disclosing Private Health Information, Quirky Question # 33

Posted by on April 28, 2008 · Leave a Comment 

Quirky Question # 33:

I am the VP of HR for a hospital.  Each of our employees receives a formal policy, prohibiting them from divulging any “patient care data” to anyone.  Our policy is compliant with federal law.

A nurse in our ER recently became aware that a mother and her two children were being evaluated for meningitis, and that they had been instructed not to allow the children to return to school until it was determined whether the children were infected or contagious.  The mother, however, refused to have her children tested and they left the hospital against medical advice.

The very next day, our nurse dropped her own son off at school and saw the two children who had been in the emergency room the day before.  She decided to leave with her son.  When a teacher asked her why she left, she explained that the two other children were at the hospital the day before with their mother and were not supposed to return to school until they were tested for meningitis.  The school then contacted the mother and asked her to remove her children from the school.

The mother of these two children has now contacted the hospital, outraged that this information about their medical situation has been shared with others.  Given our clear policy that requires “patient care data” to be kept confidential, should we fire our nurse for divulging this information?

Roy’s Analysis:

Like many of questions I have posted, this question highlights the conflict between two important, but competing, public policies. One policy is the critical need for maintaining the privacy of patient information. The other policy is the crucial importance of maintaining public health. In this question, those policies collide.

This fact pattern was drawn, not from a client question, but from the recent case of Serrano v. Christ Hospital, No. A-448-06T3 (New Jersey Sup. Ct. App. Div.; Dec. 21, 2007). In Serrano, the hospital concluded that the patient’s privacy rights were paramount and discharged the employee who had shared the patient’s confidential information with the school, notwithstanding her 16-year employment history. In the case (unlike the question we devised), the employee who revealed this information was a secretary in the hospital’s intensive care unit. Because she was bilingual (English and Spanish), she had been asked to translate for an elderly Spanish-speaking woman who was being tested for meningitis. While assisting with the translation, she learned that the elderly patient had a daughter and that the daughter’s son attended the same nursery as her own daughter. The patient’s daughter and grandchildren were advised that they should be tested for exposure to meningitis but they declined to participate in the testing.

The next day, when the secretary took her own daughter to the nursery school, she saw the patient’s grandchild at the nursery, coughing. As set forth in our hypothetical problem, she left with her son and when later questioned by the school regarding why she had done so, she explained the situation, including revealing the patient’s condition. The nursery school then contacted the potentially contagious family and insisted that they take their son to a physician for an examination.

Following the family’s complaint to the hospital regarding the disclosure of their medical information, the hospital fired Serrano, the secretary who had disclosed the information. The secretary then sued, contending that her discharge constituted a violation of the public policy designed to protect public health. Despite these policies, the District Court dismissed the discharged employee’s claim on summary judgment. The appellate court, however, reversed.

Oddly, in my view, the appellate court sent the case back to the lower court to resolve the conflict between the two competing public policies, noting that these questions are “best left for the factfinder to decide.” This part of the court’s analysis perplexes me somewhat. The key facts are essentially undisputed. The secretary admitted that she had disclosed the patient information to the school and the school acknowledged that it had removed the student pending an examination by a physician and medical clearance. The hospital acknowledged that it fired the secretary because of her disclosure of the patient’s data. I’m not sure what additional “facts” the “factfinder” needs to resolve. Essentially, the courts of New Jersey need to resolve the legal question regarding which of the two important state public policies is paramount. Further, the courts need to resolve the issue of whether, even assuming that the public health policy is more important than the patient’s privacy rights, the nature of the disclosure here was appropriate.

When discussing this question with some insightful friends this past weekend, a few consensus themes emerged. First, a hospital cannot allow each individual employee to become the interpreter of hospital policy. If every employee is empowered to assess hospital policies (here, the federally mandated patient privacy policy) and act on his/her own interpretation, the hospital no longer has a policy. Second, the method of disclosure here was inappropriate. The secretary did not contact the hospital administration or the hospital’s General Counsel. The secretary did not call the New Jersey Department of Health to report the situation. Rather, she simply acted independently and reported the information to the school. Although it is easy to understand how these events could have unfolded given the facts that her own child attended the nursery and that the school called her and requested her to explain why she did not drop off her child, that does not excuse her actions. As the observations above suggest, there were alternative responses she could have provided the school, pending a more thoughtful examination of these issues. Third, one could legitimately question whether Serrano truly was trying to advance an important public policy. She did not march into the hospital administration when the family left the hospital against medical advice. She did not make the case for reporting the situation to governmental authorities, despite the fact that she knew the patient’s grandchild was in nursery school. She did not contact the New Jersey Health Department to report the situation herself. Indeed, she only acted in the “public interest” when her family was potentially directly affected. This type of conduct is not necessarily consistent with advancing an important public policy.

Nevertheless, if I were reading tea leaves, I’d predict the jury will side with the discharged secretary. Any parent will be able to empathize with her predicament and her concern for her own child’s safety. The jury will be balancing the risks of exposing a group of children to a potentially fatal disease with the privacy interests of a single person who imprudently rejected standard medical treatment. The jury also may wonder why the hospital did not step up to protect the public health when the family refused appropriate medical treatment. Finally, the jurors may be uneasy about the seemingly harsh sanction (termination) imposed on a 16-year employee who was inadvertently thrust into a very difficult situation.

Barring settlement, there is more to come on this case, so stay tuned. I’ll try to follow up when the case progresses further through the legal system.

Filed under Confidentiality of Health Care Data, Health Information, Privacy Rights, Recent Decisions · Tagged with

« Previous PageNext Page »