1 BRADLEY S. PHILLIPS (State Bar No. 085263) MUNGER, TOLLES & OLSON LLP ·2 355 South Grand Avenue Thirty-Fifth Floor 3 Los Angeles, CA 90071 CONFORMED COPY ORIGINAL FILED . Telephone: (213) 683-9100 Superior Court of California 4 Facsimile: (213) 687-3702 county of Los Angeles brad.phillips@mto. com 5 APR 24 2015 BRYAN H. HECKENLIVELY (State Bar No. 279140) Sherri R. Carter, Executive Officer/Clerk 6 MUNGER, TOLLES & OLSON LLP 560 Mission Street By Myrna Beltran, Deputy 7 Twenty-Seventh Floor San Francisco, CA 94105 8 Telephone: (415) 512-4000 Facsimile: (415) 512-4077 9 bryan.heckenlively@mto.com 10 CHARLES F. ROBINSON (State Bar No. 113197) KAREN J. PETRULAKIS (State Bar No. 168732) 11 MARGARET L. WU (State Bar No. 184167) OFFICE OF THE GENERAL COUNSEL 12 UNIVERSITY OF CALIFORNIA 1111 Franklin Street 13 Oakland, CA 94607 Telephone: (510) 987-9800 14 Facsimile: (510) 987-9757 15 Attorneys for Defendant REGENTS OF THE UNIVERSITY OF CALIFORNIA 16 SUPERIOR COURT OF THE STATE OF CALIFORNIA 17 COUNTY OF LOS ANGELES - CENTRAL DIVISION 18 19 20 NORMA LOZANO, an individual, 21 22 Plaintiff, vs. 23 THE REGENTS OF THE UNIVERSITY OF CALIFORNIA, JOHN D. EDWARDS, 24 M.D. ALEXIES PRICE, MARK G. YUDOF, DELVECCHIO FINLEY, and 25 Does 1-25, inclusive, 26 27 Defendants. CASE NO. BC505419 DEFENDANTREGENTSOFTHE UNIVERSITY OF CALIFORNIA'S NOTICE OF MOTION AND MOTION FOR SUMMARY JUDGMENT; MEMORANDUM OF POINTS AND AUTHORITIES IN SUPPORT THEREOF Judge: Date: Time: Dept.: Ron. Mary Strobel July 8, 2015 8:30A.M. 32 EXEMPT FROM FEES: GOV. CODE § 6103 28 UC'S MOTION FOR SUMMARY JUDGMENT NOTICE OF MOTION AND MOTION FOR SUMMARY JUDGMENT TO ALL PARTIES AND THEIR ATTORNEYS OF RECORD: PLEASE TAKE NOTICE that on July 8, 2015, at 8:30 am, or as soon thereafter as counsel may be heard, in the Courtroom of the Honorable Mary Strobel, Department 32 of the above-entitled Court, located at 11 1 North Hill St., Los Angeles, California 90012, Defendant The Regents of the University of California will and hereby does move for summary judgment pursuant to Code of Civil Procedure section 43 70 on the grounds that Plaintiff cannot establish a claim against UC under California?s Con?dentiality of Medical Information Act California Civil Code section 56.36(b) or for invasion of privacy under article 1, section 1 of the California Constitution. This motion is based on this notice and motion; the attached Memorandum of Points and Authorities; the Separate Statement of Undisputed Material Facts; the Appendix of Evidence; and the Declarations of John Christiansen, Dr. Michael Pfeffer, and Bryan H. Heckenlively filed herewith; all pleadings and records ?led in these proceedings; all matters of which judicial notice may be taken; any other materials prOperly before the Court; and further argument and materials as may be presented at or before the hearing of this motion or otherwise. MUNGER, TOLLES OLSON LLP Bin/Am. DATED: April 24, 2015 By: Attorneys for Defendant REGENTS OF THE UNIVERSITY OF CALIFORNIA MOTION FOR SUMMARY JUDGMENT TABLE OF CONTENTS 1 I. INTRODUCTION ................................................................................................................. 1 II. BACKGROUND ................................................................................................................... 2 2 3 A. UCLA Establishes a Secured Electronic Medical Records System .......................... 2 B. Edwards Violates UC Policy by Sharing His Login Credentials .............................. 5 C. Edwards’s Staff Accesses and Transmits Plaintiff’s Medical Records ..................... 5 D. Plaintiff Reports the Incident and Files Suit ............................................................. 6 4 5 6 7 III. ARGUMENT ........................................................................................................................ 7 8 A. Summary Judgment Standard.................................................................................... 7 B. Plaintiff’s CMIA Cause of Action Fails as a Matter of Law .................................... 8 9 10 1. The CMIA Claim Fails Because UC Did Not “Release” Plaintiff’s Medical Information ...................................................................................... 8 12 2. The CMIA Claim Fails Because UC Was Not Negligent ............................. 9 13 3. The CMIA Claim Fails Because UC Was Not a Legal Cause of Plaintiff’s Claimed Damages ...................................................................... 12 11 14 C. Plaintiff’s Privacy Cause of Action Fails as a Matter of Law ................................. 15 15 1. The Privacy Claim Fails Because no Conduct by UC Constituted “A Serious Invasion of Privacy” ....................................................................... 15 2. The Privacy Claim Fails Because the Public Interest in Electronic Medical Records and Patient Safety Outweighs Any Invasion of Privacy ......................................................................................................... 16 3. The Privacy Claim Fails Because UC Was Not a Legal Cause of Plaintiff’s Claimed Damages ...................................................................... 18 16 17 18 19 20 IV. CONCLUSION ................................................................................................................... 19 21 22 23 24 25 26 27 28 i UC’S MOTION FOR SUMMARY JUDGMENT TABLE OF AUTHORITIES 1 STATE CASES 2 Aguilar v. Atl. Richfield Co., 25 Cal. 4th 826 (2001)............................................................................................................... 7 3 Bd. of Med. Quality Assurance v. Gherardini, 4 93 Cal. App. 3d 669 (1979) ..................................................................................................... 17 5 Brewer v. Teano, 40 Cal. App. 4th 1024 (1995) ...................................................................................... 12, 13, 15 6 City of Santa Barbara v. Superior Court, 7 41 Cal. 4th 747 (2007)............................................................................................................... 9 8 Cline v. Watkins, 66 Cal. App. 3d 174 (1977) ..................................................................................................... 14 9 Conroy v. Regents of Univ. of Cal., 10 45 Cal. 4th 1244 (2009)............................................................................................................. 7 11 Feminist Women’s Health Ctr. v. Superior Court, 52 Cal. App. 4th 1234 (1997) .................................................................................................. 17 12 Flowers v. Torrance Mem’l Hosp. Med. Ctr., 13 8 Cal. 4th 992 (1994)........................................................................................................... 9, 12 14 Gonzalez v. Derrington, 56 Cal. 2d 130, 132-34 (1961) ................................................................................................ 15 15 Hill v. Nat’l Collegiate Athletic Ass’n, 16 7 Cal. 4th 1 (1994)................................................................................................. 15, 16, 17, 18 17 Hughes v. Pair, 46 Cal. 4th 1035 (2009)........................................................................................................... 13 18 19 Johnson v. Superior Court, 80 Cal. App. 4th 1050 (2000) .................................................................................................. 17 20 Loder v. City of Glendale, 14 Cal. 4th 846 (1997)............................................................................................................. 18 21 22 Oakland Raiders v. Nat’l Football League, 131 Cal. App. 4th 621 (2005) .................................................................................................... 7 23 PPG Indus., Inc. v. Transamerica Ins. Co., 20 Cal. 4th 310 (1999)............................................................................................................. 12 24 25 Raven H. v. Gamette, 157 Cal. App. 4th 1017 (2007) ................................................................................................ 14 26 Regents of Univ. of Cal. v. Superior Court, 220 Cal. App. 4th 549 (2013) .................................................................................................... 8 27 28 ii UC’S MOTION FOR SUMMARY JUDGMENT 1 TABLE OF AUTHORITIES (continued) 2 Page(s) 3 Saelzler v. Advanced Group 400, 25 Cal.4th 763 (2001)........................................................................................................ 7 4 Schrimscher v. Bryson, 5 58 Cal. App. 3d 660 (1976) ............................................................................................... 14, 15 6 FEDERAL CASES 7 Ruiz v. Gap, Inc., 540 F. Supp. 2d 1121 (N.D. Cal. 2008) .................................................................................. 16 8 STATE STATUTES 9 CAL. CIV. CODE § 56.36(b).......................................................................................................... 8, 9 10 CAL. CODE CIV. PROC. § 437c, subd. (c) ......................................................................................... 7 11 FEDERAL STATUTES 12 42 U.S.C. § 1320d ........................................................................................................................... 4 13 OTHER AUTHORITIES 14 Restatement (Second) of Torts § 440 ............................................................................................ 13 15 Restatement (Second) of Torts § 448 ............................................................................................ 13 16 17 18 19 20 21 22 23 24 25 26 27 28 -iiiUC’S MOTION FOR SUMMARY JUDGMENT 1 2 I. MEMORANDUM OF POINTS AND AUTHORITIES INTRODUCTION 3 This case arose because Dr. John D. Edwards violated clear, written policies issued 4 by the Regents of the University of California (“UC'” or “the University”) governing access to an 5 electronic medical records system at UCLA Health System (“UCLA”) and thereby made it 6 possible for his staff to access Plaintiff Norma Lozano’s medical records and send them to third 7 parties. Edwards, who is not a University of California employee, shared his login ID and 8 password with the employees at his private practice. He did this despite being trained repeatedly 9 to “never share your computer accounts and passwords” and certifying to UC on multiple 10 occasions that he understood “user IDs cannot be shared.” If he had followed UC policy, his staff 11 could not and would not have accessed Plaintiff’s medical records because they would have had 12 no way to log in to the system. 13 That violation of policy ripened into litigation because of the egregious intentional 14 act of Alexies Price, a temporary employee of Edwards, which was the latest (and loudest) shot in 15 a personal battle between Plaintiff and Price. On September 4, 2012, when Edwards’s staff 16 accessed Plaintiff’s records, Plaintiff was pregnant with a child fathered by Dedreck Harris, who 17 was at the time in a romantic relationship with Price but apparently not with Plaintiff. In the 18 weeks leading up to September 4, Price had begun taunting Plaintiff by text message, and Plaintiff 19 admits that she responded sometime in August by sending Price an image from Plaintiff’s 20 sonogram. Rather than write back, Price took Plaintiff’s medical records from the printer at 21 Edwards’s office, took photographs of them with her smartphone, and sent them to Harris and a 22 third woman. 23 As these undisputed facts make clear, Plaintiffs’ medical records were disclosed 24 because of Edwards’s failure to follow policy and Price’s intentional misconduct. Plaintiff alleges 25 that UC is also to blame because it should not have authorized Edwards’s login credentials— 26 whoever was using them—to access Plaintiff’s records on the UCLA system. She bases this on 27 the unworkable and unreasonable position that the University should have had technical 28 restrictions “so that only physicians identified with the patient [could] gain access to patient files.” -1UC’S MOTION FOR SUMMARY JUDGMENT 1 Ex. J ¶ 9. But, under this proposed technical restriction, physicians would have difficulty 2 consulting with colleagues, patient care would be delayed, and no emergency-room doctor, on-call 3 doctor, or doctor treating a patient for the first time could access patient records in a timely 4 manner. Because that technical restriction is not feasible and would interfere with the provision of 5 timely medical services, UC has not adopted it and it is not the industry standard. Indeed, 6 according to John Christiansen, an expert in electronic medical records systems, the standard 7 practice at other medical centers is not to have such a restriction. And Dr. David Pfeffer, the Chief 8 Information Officer and a practicing physician at UCLA Health System, who has also used the 9 systems at other top academic medical centers, the Veterans Administration hospital, and Kaiser 10 Permanente, has never seen such a restriction in place. 11 Rather than imposing such an unworkable technical restriction, however, UC 12 issued written policies directing physicians to access only those records they needed to provide 13 medical care, repeatedly trained them on those policies, and maintained automated logs to track 14 which records they accessed. These security measures are appropriate and consistent with the 15 industry standard for a large medical center such as UCLA. 16 For these reasons, which are explained in more detail below, UC is entitled to 17 summary judgment on both of Plaintiff’s remaining causes of action. Plaintiff has no evidence to 18 create a triable issue as to whether UC was negligent, as she would need to proceed on her claim 19 under the Confidentiality of Medical Information Act (“CMIA”), or whether UC committed an 20 egregious violation of social norms, as she would need to proceed on her constitutional invasion of 21 privacy claim. Both claims also fail for the independent reason that Price was a superseding cause 22 of Plaintiff’s injuries. 23 II. BACKGROUND 24 A. 25 UCLA Establishes a Secured Electronic Medical Records System In large part because federal regulations both provide incentives for medical centers 26 to implement electronic medical records systems and impose penalties upon those that do not, 27 medical centers around the country store their patient files in electronic form. Declaration of John 28 Christiansen (“Christiansen Decl.”) ¶¶ 6-12. UCLA is no exception, as it stores patients’ records -2UC’S MOTION FOR SUMMARY JUDGMENT 1 in an electronic medical records system that physicians and other professionals can access to 2 deliver care to those patients. The current system in place at UCLA is called CareConnect, which 3 went into full use on March 1, 2013. Ex. A (Deposition of Robert Gross, Dec. 11, 2013 (“Gross 4 Dep.”)) 79:14-18, 142:9-12, 146:11-18. Before March 1, 2013, UCLA operated older systems, 5 one of which was known as PCIMS. Id. 141:19-142:12. 6 To secure the electronic medical records, UC issues login IDs and passwords to 7 those professionals who UC determines should be authorized to access the system. Different types 8 of users have different access rights. Id. 80:2-22. Physicians’ login credentials, for example, 9 allow them to access the records of any patient in the UCLA system. Id. 85:19-86:20. 10 Physicians’ login credentials enable that level of access because it is critical to 11 patient care. In a large medical center like UCLA, there are often many physicians contributing to 12 a patient’s care. Declaration of Dr. Michael Pfeffer (“Pfeffer Decl.”) ¶ 7. Physicians often consult 13 with colleagues to ensure accurate diagnoses and treatment recommendations, refer patients to 14 colleagues with different specialties, or cover one another’s patients as a result of vacations, on15 call schedules, or other availability issues. Id. ¶¶ 7-9. Patients, too, often seek out new physicians 16 because of personal preference or urgent needs. Id. ¶ 10. For example, a patient who visits the 17 emergency department or is admitted to the hospital likely will be seen by the physician on duty at 18 the time and not his or her regular physician, and that on-duty physician may consult with or refer 19 the patient to on-call physicians in various specialties. Id. The situation is all the more fluid at 20 UCLA because it is an academic medical center, in which attending physicians, residents, interns, 21 and medical students often rotate from one department or clinic to another while the patients do 22 not. Id. ¶ 9. As a result, there are many circumstances in which a UCLA physician cares for a 23 patient whom he or she has not previously treated or met. Id. ¶¶ 7-10. In all of these 24 circumstances, it is important for the physician to have immediate access to the patient’s medical 25 records to evaluate the patient’s health history, allergies to medication, and the like. Id. ¶ 11. 26 Failing to obtain accurate information, or having to wait for it, could put patients at risk. Id. 27 Although physicians have access to every patient’s records as a technological 28 matter, the University has established strict policies governing when it is appropriate to access -3UC’S MOTION FOR SUMMARY JUDGMENT 1 patient records. Among many other things, these policies require that system users “access[] only 2 the amount of [electronic health information] necessary to complete job responsibilities and only 3 for those patients for whom the workforce member needs access to complete job responsibilities.” 4 See Ex. AA, at 4 (emphasis in original); see also Ex. A (Gross Dep.) 88:2-89:4. The policies also 5 forbid “allowing the use of an individual’s account by others,” Ex. AA, at 6, and they make clear 6 that passwords “must never be shared with any other person,” id. at 4. 7 UC also requires authorized users to undergo privacy training before receiving 8 login credentials and to repeat that training on an annual basis. Ex. A (Gross Dep.) 74:15-76:12. 9 These trainings cover obligations imposed by the Health Insurance Portability and Accountability 10 Act (“HIPAA”), 42 U.S.C. § 1320d, and other relevant laws as well as the policies governing use 11 of the UCLA electronic medical records system. Id. 77:2-78:10. Each training firmly instructs 12 users that they must not share their login credentials with any other person, and that they are 13 permitted to access only the medical records needed for patient care. See, e.g., Ex. Q, at 8, 13. 14 After each training, the user is required to sign a confidentiality statement expressly 15 certifying that he or she will not share login credentials with any other person and will access 16 patient information “only to the minimum extent necessary for my assigned duties.” Ex. S, at 17 UCLOZ000603; Ex. T, at UCLOZ000593; Ex. A (Gross Dep.) 76:23-77:1. As a supplement to 18 the formal training, UC also sends out regular emails reminding users of their privacy and security 19 obligations. Ex. A (Gross Dep.) 102:12-104:8; see, e.g., Exs. P (report any exposure of 20 passwords), R (“treat your password like your toothbrush ... [d]on’t share it with others”), X 21 (“Sharing your UserID and/or password is inappropriate and a violation of UCLA Health System 22 policy”), Y (violation of policy to “share your password and UserID with a co-worker”). 23 In addition to the passwords, policies, certifications, and training, UC also secures 24 the electronic medical records system by generating access logs. Because each user has a distinct 25 login ID and the system automatically records every instance in which a record is accessed, it is 26 possible to link each access to a particular user and then investigate whether that user had 27 authorization. Ex. A (Gross Dep.) 12:25-14:10, 93:1-94:6. All of these security features— 28 -4UC’S MOTION FOR SUMMARY JUDGMENT 1 authentication, policies, training, and access logs—were in place while PCIMS was in use, just as 2 they are now. Id. 144:9-145:2. 3 B. 4 Edwards Violates UC Policy by Sharing His Login Credentials Dr. John D. Edwards is one of the users authorized to access UCLA’s electronic 5 medical records system. Ex. E (Deposition of John D. Edwards, Feb. 5, 2015) (“Edwards Dep.”)) 6 26:8-11. Edwards has a private obstetrics and gynecology practice, where he employs two full7 time staff members, Gabby DeLuna and Deborah Escobedo. Id. 11:9-21. He is not an employee 8 of UC, but he has staff privileges at UCLA Santa Monica Hospital that enable him to treat patients 9 in the hospital. Id. 17:19-22. Accordingly, he has completed privacy training twice each year 10 since at least 2010 in order to maintain his access to the electronic medical records system. Id. 11 67:25-68:10. At least some of the time, those trainings have been conducted in-person by a trainer 12 at UCLA Santa Monica Hospital. Id. 29:21-30:2. During each training, as explained above, 13 Edwards has been told to “[n]ever share passwords” and “[m]ake sure that you have your own 14 individual user ID.” Ex. Q, at 13-14; see also Ex. E (Edwards Dep.) 95:15-96:3 (confirming that 15 Ex. Q was the presentation used at the trainings Edwards attended). And, each year, Edwards has 16 certified in writing that he understands that “[u]ser IDs cannot be shared.” See, e.g., Ex. S, at 17 UCLOZ000603; Ex. T, at UCLOZ000593. 18 Despite that certification, and despite a separate UC policy that would have allowed 19 Edwards to obtain individual login IDs for his employees, see Ex. V, Edwards admits that he 20 shared his login ID and password with DeLuna and Escobedo, Ex. E (Edwards Dep.) 32:7-19. He 21 did not provide them with any privacy training or training on the appropriate use of the UCLA 22 electronic medical records system. Id. 99:2-19, 100:20-103:3. 23 24 C. Edwards’s Staff Accesses and Transmits Plaintiff’s Medical Records On September 4, 2012, DeLuna used Edwards’s login credentials to access Plaintiff 25 Norma Lozano’s medical records on UCLA’s PCIMS system. Ex. B (Deposition of Gricelda 26 Gabriela DeLuna, Dec. 12, 2013) (“DeLuna Dep.”)) 85:22-87:18. At their respective depositions, 27 Plaintiff and DeLuna gave differing accounts of why DeLuna accessed those records. DeLuna 28 testified that Plaintiff called to schedule an appointment with Edwards and that she printed -5UC’S MOTION FOR SUMMARY JUDGMENT 1 Plaintiff’s records while she was on the phone with Plaintiff in order to have them ready for the 2 appointment, but that the appointment never materialized because the call was disconnected and 3 Plaintiff never called back. Id. 80:16-88:24. Plaintiff claims that there was no such phone call. 4 Ex. D (Deposition of Norma Lozano, Feb. 2, 2015) (“Lozano Dep.”)) 65:14-66:20. The 5 documentary evidence supports DeLuna’s version of the story, as the handwritten appointment 6 book from Edwards’s office shows that Plaintiff’s name was written in for an appointment before 7 it was partially erased. See Ex. M. No matter which version of the story is correct, it is 8 undisputed that Edwards violated UC policy by giving DeLuna his login credentials and allowing 9 her to access the UCLA electronic medical records system. Ex. S; Ex. A (Gross Dep.) 199:1210 200:2; Ex. L, at Request Nos. 2-4, 7; see also Ex. K, at Request Nos. 2-4, 7. 11 After DeLuna printed the records, someone took a photograph of the records with a 12 smartphone and sent them to Dedreck Harris and Darleen Anderson. See Ex. W. It is undisputed 13 by the parties that Alexies Price, a temporary employee who was working at Edwards’s office on 14 September 4 (and not a UC employee), was the person responsible for that disclosure. See id. The 15 identities of the recipients of the photographs support that conclusion. Harris was romantically 16 involved at various times with Plaintiff, Price, and Anderson, and he now has children with all 17 three women and is married to Price. Ex. C (Deposition of Alexies Price, Jan 8, 2015) (“Price 18 Dep.”)) 10:9-15, 23:4-9, 125:10-12; Ex. D (Lozano Dep.) 28:6-7. On September 4, 2012, Plaintiff 19 was pregnant with one of those children, and Price—who was dating Harris—was not happy about 20 that. See Ex. C (Price Dep.) 17:21-18:25. Price sent Plaintiff a series of badgering text messages, 21 including photos of Price and Harris together, in response to which Plaintiff sent Price a 22 photograph from Plaintiff’s sonogram in August 2012. Ex. D (Lozano Dep.) 38:13-41:18. Before 23 the two women had any further communication, Price took the photographs of Plaintiff’s records 24 and sent them to Harris and Anderson. Id. 119:13-25. For her part, Price denies any involvement, 25 Ex. C (Price Dep.) 19:3-11, but no party credits her testimony. 26 27 D. Plaintiff Reports the Incident and Files Suit On the evening of September 4, 2012, Anderson and Harris told Plaintiff what 28 Price had done, and Plaintiff reported the incident to UCLA Health System’s Privacy Office the -6UC’S MOTION FOR SUMMARY JUDGMENT 1 next day. Ex. D (Lozano Dep.) 76:23-77:15. That office conducted an investigation, determined 2 that Edwards had violated UC policy, and recommended sanctions against Edwards. Ex. U; Ex. A 3 (Gross Dep.) 151:22-154:19, 168:22-169:18. Edwards did not invite Price to return to work, but 4 he never disciplined or reprimanded DeLuna in any way. Ex. E (Edwards Dep.) 54:9-11, 112:1-7. 5 On April 9, 2013, Plaintiff filed this lawsuit against UC, Edwards, and Price, but 6 she never served Price. The parties have since been through two rounds of demurrers and motions 7 to strike, which have substantially narrowed Plaintiff’s claims. Among other things, the Court 8 dismissed Plaintiff’s common law negligence claim against UC. See Ex. H, at 4-5. Plaintiff has 9 two remaining claims against UC. The first is a claim under CMIA alleging that UC “negligently 10 released” her medical information, and the second is a claim for invasion of privacy based on the 11 privacy right in the California Constitution. The Court has held, however, that Plaintiff may not 12 recover damages on the latter claim. Ex. F, at 1; Ex. G, at 2. 13 III. ARGUMENT 14 A. 15 Summary Judgment Standard A motion for summary judgment or summary adjudication “shall be granted if all 16 the papers submitted show that there is no triable issue as to any material fact and that the moving 17 party is entitled to a judgment as a matter of law.” CODE CIV. PROC. § 437c, subd. (c); id. § 437c, 18 subd. (f). “The materiality of a disputed fact is measured by the pleadings, which ‘set the 19 boundaries of the issues to be resolved at summary judgment.’” Conroy v. Regents of Univ. of 20 Cal., 45 Cal. 4th 1244, 1250 (2009) (quoting Oakland Raiders v. Nat’l Football League, 131 Cal. 21 App. 4th 621, 648 (2005) (additional internal citations omitted).) 22 “[A]ll that the defendant need do is to show that the plaintiff cannot establish at 23 least one element of the cause of action.” Aguilar v. Atl. Richfield Co., 25 Cal. 4th 826, 853 24 (2001). “[T]he defendant need not himself conclusively negate any such element.” Id. A 25 defendant may satisfy its burden “by showing that the plaintiff does not possess, and cannot 26 reasonably obtain, needed evidence.” Id. at 854. After a defendant meets its burden, the burden 27 shifts to the plaintiff to prove the existence of a triable issue of fact regarding that element of its 28 cause of action. Saelzler v. Advanced Group 400, 25 Cal.4th 763, 780-81 (2001). -7UC’S MOTION FOR SUMMARY JUDGMENT 1 2 B. Plaintiff’s CMIA Cause of Action Fails as a Matter of Law CMIA is not a strict liability statute. It provides, with exceptions that do not apply 3 here, that “any individual may bring an action against any person or entity who has negligently 4 released confidential information or records concerning him or her in violation of this part,” for 5 either or both nominal damages of $1,000 and actual damages. CAL. CIV. CODE § 56.36(b) 6 (emphasis added). UC is entitled to summary judgment on the CMIA claim because Plaintiff has 7 no evidence that would create a triable issue as to whether (a) UC “released” Plaintiff’s medical 8 information, (b) UC was negligent, or (c) UC was a legal cause of her alleged harm. 9 1. 10 11 The CMIA Claim Fails Because UC Did Not “Release” Plaintiff’s Medical Information Plaintiff argues that UC is liable for the “release” of her medical records, under 12 California Civil Code section 56.36(b), but she has not offered any evidence that UC “engaged in 13 some affirmative conduct leading to an unauthorized third party’s access to confidential 14 information.” Regents of Univ. of Cal. v. Superior Court, 220 Cal. App. 4th 549, 565 n.12 (2013). 15 As the Regents court explained, while the word “release” does not always connote affirmative 16 conduct, id. at 565, the term as used in section 56.36(b) requires affirmative conduct because the 17 statute uses “release” in the active, rather than the passive, voice, id. at 565 & n.12. 18 This Court overruled UC’s demurrer on this issue because the SAC alleged that UC 19 made an “affirmative decision” to create an electronic medical records system that did not include 20 any restrictions preventing physicians from accessing medical records of patients with whom they 21 have no medical relationship. Ex. H, at 4-5 (“Rather, the SAC alleges that UC’s affirmative 22 decision to maintain its medical information in an ‘unrestricted system’ made possible the 23 unauthorized viewing.”). 24 The facts in the summary judgment record show that UC did not, in fact, have such 25 an “unrestricted system” and did not “release” Plaintiff’s medical information. Instead, as 26 explained in detail below, in addition to the User IDs and passwords issued to system users, there 27 were robust policies, training requirements, and auditing systems in place that restricted access to 28 medically appropriate purposes. See post, 9-10. That system design is consistent with standard -8UC’S MOTION FOR SUMMARY JUDGMENT 1 practice at large medical centers because a more technologically restrictive design would 2 jeopardize patient safety. Christiansen Decl. ¶¶ 18-28; see also Pfeffer Decl. ¶¶ 6-12. If the 3 Court were to conclude that such a design means that a medical center has “released” confidential 4 medical information anytime an unauthorized person wrongfully accesses such information, it 5 would effectively nullify the “affirmative conduct” requirement announced in Regents for any 6 medical center with an electronic medical records system—which is most, if not all, medical 7 centers.1 8 2. 9 Summary judgment on the CMIA claim is independently warranted because there The CMIA Claim Fails Because UC Was Not Negligent 10 is no triable issue as to whether UC was negligent, which would be required to demonstrate 11 “negligent release” under section 56.36(b). Negligence “consists of a failure to exercise the 12 degree of care in a given situation that a reasonable person under similar circumstances would 13 employ to protect others from harm.” City of Santa Barbara v. Superior Court, 41 Cal. 4th 747, 14 753-54 (2007). The amount of care required is “due care commensurate with the risk posed by the 15 conduct taking into consideration all relevant circumstances.” Flowers v. Torrance Mem’l Hosp. 16 Med. Ctr., 8 Cal. 4th 992, 997 (1994) (citation omitted). Thus, to establish negligence, Plaintiff 17 must provide evidence that UC did not exercise the degree of care ordinarily exercised by medical 18 centers under similar circumstances. Id. at 998. 19 Plaintiff has no such evidence, because UC exercised reasonable care in creating 20 and securing its electronic medical records system. There can be no dispute that it was reasonable 21 for UC to set up an electronic medical records system, because (among other reasons) federal 22 regulations all but require healthcare providers to do so. Christiansen Decl. ¶¶ 8-9. It is also clear 23 that UC implemented a full set of measures to secure that system. The University issued login IDs 24 and passwords in order to limit access to registered users, and it issued a comprehensive set of 25 policies governing how those credentials could be used. These policies make clear that users may 26 1 UC also preserves the argument that the term “release” should be construed to require an 27 affirmative communicative act, just as the term “disclose” is. UC raised this argument in support 28 of its demurrer to the First Amended Complaint here and before the Court of Appeal in the Regents case. See generally Ex. I, at 5-8. -9UC’S MOTION FOR SUMMARY JUDGMENT 1 not share their credentials with anyone or access records that they do not need for a medical 2 purpose. UC required Edwards to certify that he would comply with these policies, that he would 3 not share his login ID or password, and that he would use his login credentials only as medically 4 appropriate. UC further required Edwards to attend regular trainings that reminded him of these 5 obligations, the relevant HIPAA regulations, and other privacy requirements. See, e.g., Ex. Q, at 6 8, 13. The University also maintained automated system logs tracking each instance of access to 7 patient records, thereby enabling it to investigate allegations of unauthorized access and hold 8 violators accountable. There can be no dispute about any of these facts. 9 In the face of these numerous protections implemented by UC, Plaintiff focuses on 10 one narrow argument for negligence. She alleges that UC’s system design was deficient because 11 Edwards’s login ID and password allowed him to access medical records of patients whom he had 12 not previously treated. That is, however, a typical feature of electronic medical records systems at 13 large medical centers because it is not only appropriate but also essential to protecting patient 14 safety. Pfeffer Decl. ¶¶ 5-6; Christiansen Decl. ¶ 31. It is appropriate because authentication by 15 login ID and password is only one piece of the security in place to protect electronic medical 16 records. Christiansen Decl. ¶ 31. The written policies, regular training, signed 17 acknowledgements, and access logs described above also serve to secure those records, and those 18 measures are sufficient to satisfy the standard of care. See id. ¶¶ 32-34. This is particularly true 19 for a user like Edwards, who, because of his professional obligations as a physician, falls into a 20 trusted user group. Id. ¶ 20. 21 Enabling authenticated physicians to access every patient’s records as a 22 technological matter is essential for patient safety because of the number of professionals involved 23 in care at a large medical center, especially an academic one like UCLA. When patients end up in 24 the emergency room, they do not see their personal physician, they see whichever emergency 25 room doctor happens to be working when they arrive, and the doctor on duty in the emergency 26 room may in turn consult with on-call physicians in various specialties. Pfeffer Decl. ¶ 10. The 27 on-call physicians may be UCLA employees or they may be non-UCLA doctors like Edwards 28 with hospital privileges. Id. Unless the emergency room doctor and any consulting on-call -10UC’S MOTION FOR SUMMARY JUDGMENT 1 doctors have access to the records of every patient in the system, they will not be able to access the 2 records needed to facilitate high-quality and safe patient care. See id. ¶ 11. In other settings, too, 3 physicians may consult with colleagues outside of the examination room in order to make proper 4 diagnoses and treatment recommendations. Id. ¶ 7. Attending physicians, residents, interns, and 5 medical students often rotate between departments, and on-call doctors are sometimes required to 6 cover for colleagues who are on vacation or otherwise unavailable. Id. ¶ 9. Patients themselves 7 may choose to visit new physicians within the same medical center, particularly if seeking the care 8 of a type of specialist they have not previously needed to see. Id. ¶ 10. In those types of 9 situations, and others, UC’s security structure enables physicians to promptly access the records of 10 the patients who have ended up in their care for the first time, with appropriate safeguards to 11 ensure that they do not exceed the bounds of appropriate access. See id. ¶¶ 6, 11. 12 For all these reasons, medical centers simply cannot be expected to adopt the 13 patient-specific technological barrier that Plaintiff proposes, and they in fact have not done so. 14 Indeed, John Christiansen, an expert in electronic medical records systems who has worked with 15 numerous medical centers and medical information technology services vendors, has testified that 16 UC’s structure, which lacks such a barrier, is consistent with what he has seen “in comparable 17 medical centers, and with prudent practice in balancing risks to the confidentiality of patient 18 information against risks to patient health and safety.” Christiansen Decl. ¶ 35. Instead, the 19 industry standard enables physicians to access the records of all patients as a technological matter, 20 and restricts their access in other ways. Id. ¶¶ 19-32, 25. 21 The declaration of Dr. Michael Pfeffer, who is the Chief Information Officer, Chief 22 Medical Informatics Officer, Assistant Clinical Professor of Medicine, and a practicing Internal 23 Medicine physician at UCLA, provides further support for that conclusion. In addition to his work 24 at UCLA, Dr. Pfeffer has worked with electronic medical records systems at the academic 25 hospitals affiliated with the medical schools at Cornell University, Brown University, and the 26 University of Hawaii, as well as at Kaiser Permanente and the Veterans Administration hospital. 27 Pfeffer Decl. ¶ 3. None of these medical centers restricted him to accessing the records of patients 28 he had previously seen. Id. ¶ 12. In his experience as a practitioner and hospital executive -11UC’S MOTION FOR SUMMARY JUDGMENT 1 focused on information systems, Dr. Pfeffer has never even heard of a medical center imposing 2 that restriction, and he is not aware of any electronic medical records platform—including the 3 industry-leading Epic Systems platform in use at UCLA today—that would allow the medical 4 center to do so.2 Id. 5 In short, because the measures adopted by UC to secure the electronic medical 6 records system are consistent with standard practice at comparable medical centers and strike an 7 appropriate balance between patient safety and security, there is no triable issue of material fact as 8 to whether UC acted with the ordinary care expected of a large medical center in creating and 9 securing the electronic medical records system at UCLA. See Flowers, 8 Cal. 4th at 997. 10 3. 11 12 The CMIA Claim Fails Because UC Was Not a Legal Cause of Plaintiff’s Claimed Damages UC is entitled to summary judgment on the CMIA claim for a third independent 13 reason as well: Plaintiff has no evidence creating a triable issue as to whether UC was a legal 14 cause of her alleged injuries. The Supreme Court has recognized that “the law must impose 15 limitations on liability other than simple causality. These additional limitations are related not 16 only to the degree of connection between the conduct and the injury, but also with public policy.” 17 PPG Indus., Inc. v. Transamerica Ins. Co., 20 Cal. 4th 310, 315-16 (1999) (citation omitted). 18 These limitations, as expressed in the Restatement (Second) of Torts, constitute the requirement of 19 “legal cause” or “proximate cause.” Brewer v. Teano, 40 Cal. App. 4th 1024, 1030 (1995). 20 Edwards’s clear violation of UC policy and Price’s intentional disclosure of 21 Plaintiff’s medical records both intervened between UC’s conduct and Plaintiff’s injuries and 22 limited “the degree of connection between the conduct and the injury.” PPG Indus., 20 Cal. 4th at 23 316. If Edwards had not permitted his staff member to use his login ID and password, she could 24 not have printed Plaintiff’s records and Price could not have taken photographs of them. UC 25 warned Edwards repeatedly not to share his login ID or password with anyone and trained him to 26 27 2 Dr. Pfeffer is particularly experienced with Epic Systems because it provides the platform for the CareConnect system currently in use at UCLA. He was the lead physician involved in 28 implementing that system. Pfeffer Decl. ¶ 4. -12UC’S MOTION FOR SUMMARY JUDGMENT 1 access only those records that he needed for a medical purpose. He certified multiple times that he 2 understood these policies, but he did not follow them. He also admits that he did not share UC’s 3 training materials or policies with his staff or provide them with any specific training on when it 4 was appropriate to use the UCLA electronic medical records system. Ex. E (Edwards Dep.) 99:25 19, 100:20-103:3. 6 It is Price, however, who most decisively broke the chain of causation between 7 UC’s conduct and Plaintiff’s injuries. One of the policy concepts set out in the Restatement and 8 therefore incorporated into California law is superseding cause. Brewer, 40 Cal. App. 4th at 1030 9 (“The rules are set out in the Restatement Second of Torts, which have been accepted as law in 10 California.” (citation omitted)). “‘A superseding cause is an act of a third person or other force 11 which by its intervention prevents the actor from being liable for harm to another which his 12 antecedent negligence is a substantial factor in bringing about.’” Id. at 1031 (quoting Restatement 13 (Second) of Torts § 440). Where “only one reasonable conclusion may be reached,” the court may 14 rule as a matter of law that an intervening act constitutes a superseding cause. Id. at 1035. 15 Of particular relevance here, a third person’s criminal or intentionally tortious act 16 “is a superseding cause of harm to another resulting therefrom,” even if the defendant’s “negligent 17 conduct created a situation which afforded an opportunity to the third person to commit such a tort 18 or crime.” Restatement (Second) of Torts § 448. If Plaintiff can establish that she suffered the 19 emotional distress that she claims (which she must in order to establish liability), Alexies Price 20 would be liable for the intentional tort of intentional infliction of emotional distress. See Hughes 21 v. Pair, 46 Cal. 4th 1035, 1050 (2009) (“A cause of action for intentional infliction of emotional 22 distress exists when there is (1) extreme and outrageous conduct by the defendant with the 23 intention of causing, or reckless disregard of the probability of causing, emotional distress; (2) the 24 plaintiff’s suffering severe or extreme emotional distress; and (3) actual and proximate causation 25 of the emotional distress by the defendant's outrageous conduct.” (internal quotation marks 26 omitted)). 27 Plaintiff may argue that Price’s intentional tort does not relieve UC of liability 28 because it was somehow foreseeable. That is incorrect first as a matter of law because even -13UC’S MOTION FOR SUMMARY JUDGMENT 1 foreseeable intervening acts can be superseding causes based on other policy considerations. See 2 Cline v. Watkins, 66 Cal. App. 3d 174, 179 (1977) (referring to the superseding cause policy 3 expressed in § 452(2) of the Restatement as “reliev[ing] the original actor of the foreseeable 4 consequences of his act”). There is a strong public policy in favor of electronic medical records 5 systems, and it is not feasible to have a system with the technological barriers that would have 6 been necessary to prevent Price’s intentionally wrongful act. Thus, the situation here is very 7 different from one in which, for example, a tenant is assaulted in an apartment building because 8 the owner does not provide security measures that he reasonably could have provided. The 9 building owners in those types of cases are liable because they could have simultaneously 10 provided both housing and the security measures necessary to prevent the harm. See, e.g., Raven 11 H. v. Gamette, 157 Cal. App. 4th 1017, 1028 (2007) (plaintiff was requesting only that owner 12 provide her “with the very security measures that other tenants already had” (emphasis omitted)). 13 Here, Plaintiff has no evidence that UCLA could have provided the public goods of electronic 14 medical records and timely medical treatment while at the same time technologically restricting 15 each physician’s login credentials to enable access only to records of patients whom he or she had 16 previously treated. All evidence in the record supports the opposite conclusion. 17 Even if foreseeability were required, moreover, Price’s extraordinary intervening 18 act of locating the medical records of a personal rival, taking pictures of them, and sending them 19 to third parties would satisfy that test because that conduct “is highly unusual or extraordinary, 20 [and] not reasonably likely to happen.” Schrimscher v. Bryson, 58 Cal. App. 3d 660, 664-65 21 (1976). In Schrimscher, an intoxicated driver who injured a highway patrol officer standing on the 22 side of the road was a superseding cause of the officer’s injury that relieved that defendant of 23 liability, even though the officer was standing there only because the defendant himself 24 negligently caused an earlier collision. The Court of Appeal held that, although it is foreseeable 25 “even in the most ordinary type of automobile collision” that an officer will respond, “[i]t would 26 be an unwarranted extension of liability to hold that when a traffic officer ... is injured as a result 27 of the negligence or criminal conduct of one person, liability may be imposed on the original 28 traffic violator whose conduct brought the officer to the scene.” Id. at 665. The actions of the -14UC’S MOTION FOR SUMMARY JUDGMENT 1 second drunk driver “could not reasonably have been anticipated by defendant at the time of his 2 initial negligence and as a matter of law the chain of causation was broken.” Id. at 664; see also 3 Brewer, 40 Cal. App. 4th at 1035, 1037 (relying on Schrimscher and finding superseding cause 4 based on unforeseeability). 5 Price’s intentionally injurious actions here were even less foreseeable to UC than 6 the presence of a second drunk driver would have been to the first drunk driver in Schrimscher. 7 Indeed, this case is closer to Gonzalez v. Derrington, in which the Supreme Court held that a gas 8 station’s owner’s negligence in selling an open can of gasoline was not the proximate cause of a 9 fire intentionally started by the person who purchased the can because it is not “foreseeable, that 10 gasoline bought in an open can will be used intentionally to injure others.” 56 Cal. 2d 130, 132-34 11 (1961). Gasoline is flammable and medical records are sensitive, but that does not make the 12 intentional misconduct by either the arsonist or Price foreseeable. 13 Because “the only reasonable conclusion” from the record here is that Price was a 14 superseding cause of Plaintiff’s alleged harm, UC is entitled to summary judgment on the CMIA 15 claim. 16 C. Plaintiff’s Privacy Cause of Action Fails as a Matter of Law 17 18 1. The Privacy Claim Fails Because no Conduct by UC Constituted “A Serious Invasion of Privacy” 19 To establish an invasion of the constitutional right to privacy, Plaintiff would have to 20 demonstrate conduct by UC that is “sufficiently serious in ... nature, scope, and actual or potential 21 impact to constitute an egregious breach of the social norms underlying the privacy right.” Hill v. 22 Nat’l Collegiate Athletic Ass’n, 7 Cal. 4th 1, 37 (1994). “If the undisputed material facts show ... 23 an insubstantial impact on privacy interests, the question of invasion may be adjudicated as a 24 matter of law.” Id. at 40. 25 Although the Court allowed Plaintiff’s invasion of privacy claim to survive demurrer, 26 summary judgment is now appropriate because the undisputed facts developed in discovery 27 demonstrate that there was no conduct by the University constituting an “egregious breach of the 28 social norms underlying the privacy right.” Id. at 37. As explained above, the record shows that -15UC’S MOTION FOR SUMMARY JUDGMENT 1 UC made reasonable decisions consistent with industry standards and patient safety objectives in 2 implementing its electronic medical records system. UC issued login credentials to trusted users 3 such as Edwards, established written policies preventing them from sharing their credentials or 4 accessing records without a legitimate reason, and regularly trained them on those policies. These 5 measures together provided an appropriate level of security. Christiansen Decl. ¶ 35. UC’s 6 conduct therefore was not negligent, much less an “egregious” deviation from social norms. 7 It is legally irrelevant whether Edwards or Price breached social norms because enabling 8 an invasion of privacy by a third party is not sufficient to establish a serious invasion of privacy. 9 See Ruiz v. Gap, Inc., 540 F. Supp. 2d 1121, 1127-28 (N.D. Cal. 2008). In Ruiz, a job applicant 10 sued Gap, Inc. after a thief stole two laptops containing unencrypted personal information about 11 job applicants, including their social security numbers. Id. at 1124-25. Ruiz, like Plaintiff here, 12 alleged that Gap had invaded Ruiz’s California constitutional right to privacy because Gap’s 13 negligent security allowed the theft to occur. The court dismissed the claim, reasoning that, while 14 Gap’s alleged actions may have increased the risk of identity theft, “the manner in which [that 15 increased risk] was allegedly created ... do[es] not constitute an egregious breach” and therefore 16 did not violate the California Constitutional right to privacy. Id. at 1128. Here, similarly, even 17 assuming that UC’s security policies created an increased risk that a third party could disclose 18 records without authorization, those policies were the product of legitimate judgments and not an 19 egregious breach of social norms. 20 2. 21 22 The Privacy Claim Fails Because the Public Interest in Electronic Medical Records and Patient Safety Outweighs Any Invasion of Privacy Summary judgment is also warranted because a compelling public interest 23 outweighs any invasion of privacy. “Conduct alleged to be an invasion of privacy is to be 24 evaluated based on the extent to which it furthers legitimate and important competing interests.” 25 Hill, 7 Cal. 4th at 38. “Invasion of a privacy interest is not a violation of the state constitutional 26 right to privacy if the invasion is justified by a competing interest.” Id. Where the defendant 27 charged with invasion of privacy is a state actor, a compelling state interest is certainly sufficient 28 to trump the right of privacy, and even a merely “legitimate” interest may be enough. Id. at 21-22, -16UC’S MOTION FOR SUMMARY JUDGMENT 1 34-35; Johnson v. Superior Court, 80 Cal. App. 4th 1050, 1070-71 (2000). Moreover, where, as 2 here, the plaintiff had the opportunity to choose between public and private entities to provide the 3 service at issue, “her privacy interest may weigh less in the balance” and be easier to overcome. 4 Hill, 7 Cal. 4th at 39. Regardless, “in cases where material facts are undisputed, adjudication as a 5 matter of law may be appropriate” as to whether competing interests outweigh the alleged invasion 6 of privacy. Id. at 40. 7 This is one of those cases. The state has a compelling interest in ensuring that 8 California residents receive timely and state-of-the art medical care, which—as the federal 9 regulations evidence—includes the use of electronic medical records. Bd. of Med. Quality 10 Assurance v. Gherardini, 93 Cal. App. 3d 669, 679 (1979) (“the State of California has a most 11 legitimate interest in the quality of health and medical care received by its citizens”). There can be 12 no question that the state has a compelling interest in establishing electronic medical records 13 systems at state-operated medical centers. Federal regulations provide incentives to medical 14 centers to establish electronic medical records systems and impose penalties on those medical 15 centers that do not do so. Because UC is a public entity, the state reaps the benefit of those 16 incentives and faces the costs associated with those penalties. Cf. Johnson, 80 Cal. App. 4th at 17 1071 (“state has a compelling interest in ensuring that those injured by the actionable conduct of 18 others receive full redress of those injuries”); Feminist Women’s Health Ctr. v. Superior Court, 52 19 Cal. App. 4th 1234, 1248 (1997) (women’s health center had legitimate interest in employee 20 demonstrating cervical self-examination to female clients and employees at the health center). 21 The electronic medical records system implemented at UCLA is “reasonably 22 calculated to further” those interests, and the evidence makes clear that there is no “less intrusive 23 alternative.” See Hill, 7 Cal. 4th at 44, 52. As explained above, it would not be feasible or 24 consistent with the provision of timely medical care to establish an electronic medical records 25 system that includes the technological security features that would have been necessary to prevent 26 Price’s disclosure of Plaintiff’s records here. Thus, the state’s interest in using electronic medical 27 records outweighs any invasion of privacy in this case and UC is entitled to summary judgment on 28 Plaintiff’s constitutional privacy claim. See Loder v. City of Glendale, 14 Cal. 4th 846, 896-98 -17UC’S MOTION FOR SUMMARY JUDGMENT 1 (1997) (concluding that city’s legitimate interests in mandatory drug testing program for job 2 applicants outweighed invasion of applicants’ privacy). 3 3. 4 5 The Privacy Claim Fails Because UC Was Not a Legal Cause of Plaintiff’s Claimed Damages Finally, for the same reasons that Price is a superseding cause of Plaintiff’s alleged 6 injuries on her CMIA cause of action, she is also a superseding cause of the alleged invasion of 7 privacy. See ante, 12-15. A defendant may raise appropriate tort defenses, of which superseding 8 causation is one, to an invasion of privacy claim. See Hill, 7 Cal. 4th at 40 (“Of course, a 9 defendant may also plead and prove other available defenses, e.g., consent, unclean hands, etc., 10 that may be appropriate in view of the nature of the claim and the relief requested.”). Edwards’s 11 violation of UCLA policy and Price’s brazen disclosure of Plaintiff’s medical records both 12 attenuate UC’s system design from the harm alleged. Because one of those attenuating events— 13 the disclosure by Price—was intentionally tortious and unforeseeable, it is a superseding cause 14 that relieves UC of liability for invasion of privacy. 15 /// 16 /// 17 /// 18 19 20 21 22 23 24 25 26 27 28 -18UC’S MOTION FOR SUMMARY JUDGMENT IV. CONCLUSION UC respectfully requests an order granting summary judgment in its favor on Plaintiff CMIA and invasion of privacy causes of action. DATED: April 24, 2015 Munger, Tolles Olson LLP BRADLEY S. PHILLIPS BRYAN H. HECKENLIVELY MN H. Attorneys for Defendant REGENTS OF THE UNIVERSITY OF CALIFORNIA -19- MOTION FOR SUMMARY JUDGMENT