Opinion
23-12571
05-14-2024
In re: BAYCARE MEDICAL GROUP, INC., ST. JOSEPH'S HOSPITAL, INC., Petitioners
On Petition for Writ of Mandamus to the United States District Court for the Middle District of Florida D.C. Docket No. 8:21-cv-01891-WFJ-TGW
Before BRANCH, BRASHER, and ABUDU, Circuit Judges.
BRASHER, Circuit Judge
This petition for a writ of mandamus raises an issue of first impression under the Patient Safety and Quality Improvement Act of 2005, 42 U.S.C. § 299b-22(a). Dr. Tara Loux filed an employment discrimination suit against her former employers BayCare Medical Group and St. Joseph's Hospital, which we will refer to collectively as "BayCare." The district court ordered BayCare to produce its quality files and referral logs to Loux in discovery. BayCare argues that those documents are "patient safety work product" that are "privileged and . . . [not] subject to discovery in connection with a Federal . . . civil . . . proceeding" under the Act. Id. § 299b-22(a)(2).
We agree that BayCare is entitled to mandamus. The district court required BayCare to establish, as part of its privilege claim, that the disputed documents were created or maintained for the "sole purpose" of making reports to a patient safety organization. We see no support for that requirement in the text of the statute. Because the district court applied the wrong legal standard to assess BayCare's privilege claim, and because BayCare has no adequate legal remedy, we GRANT the petition and direct the district court to VACATE its orders compelling the disclosure of the privileged documents and RECONSIDER BayCare's assertion of privilege consistent with this opinion.
I.
Dr. Loux sued her former employer BayCare for terminating her after she committed surgical errors. She sought to discover BayCare's internal documents about the performance of other doctors who were not fired despite also committing errors. In response, BayCare argued that some of these files were privileged under the Patient Safety and Quality Improvement Act of 2005. Specifically, BayCare objected to disclosing documents, such as its "quality files" and "referral logs," that are stored in the secure electronic database rlDatix.
The Act creates a statutory privilege for work product prepared for or reported to patient safety organizations. See 42 U.S.C. § 299b-22(a)(2). Patient safety organizations analyze patient safety trends and propose new methods to providers to mitigate medical risks in the care process. The Act tasks the Secretary of the Department of Health &Human Services with certifying and listing entities as patient safety organizations. See id. § 299b-24. Congress created the privilege "to encourage the reporting and analysis of medical errors and health care systems by providing peer review protection of information reported to patient safety organizations for the purposes of quality improvement and patient safety" so "an environment [exists] in which health care providers are able to discuss errors openly and learn from them." H.R. Rep. No. 109-197, at 9 (2005).
The privilege operates by defining three terms: patient safety work product, patient safety organization, and patient safety evaluation system. The Act provides that "patient safety work product" cannot be "subject to discovery in connection with a Federal, State, or local civil . . . proceeding ...." 42 U.S.C. § 299b-22(a)(2). The Act defines "patient safety work product" as, in relevant part, "any data, reports, records, memoranda, analyses, . . . or written or oral statements" that (1) "are assembled or developed by a provider for reporting to a patient safety organization and are reported" or (2) otherwise "identify or constitute the deliberations or analysis of, or identify the fact of reporting pursuant to, a patient safety evaluation system." Id. § 299b-21(7)(A). The Act defines a "patient safety organization" as "a private or public entity or component thereof that is listed by the Secretary" of HHS as a qualifying entity. Id. § 299b-21(4). And the Act defines a "patient safety evaluation system" as "the collection, management, or analysis of information for reporting to or by a patient safety organization." Id. § 299b-21(6). The Act excludes from its protection, among other things, "information that is collected, maintained, or developed separately, or exists separately, from a patient safety evaluation system." Id. § 299b-21(7)(B)(ii).
BayCare introduced evidence about how it decides whether to make reports to a patient safety organization. When the hospital receives a complaint about a doctor, its Customer Experience Department refers any complaint involving safety concerns to a quality care coordinator. Those patient safety referrals are tracked in BayCare's referral logs, which are stored in rlDatix, a "secure electronic database." After the quality care coordinator receives the referral, the system generates a new document called a quality file. The quality file contains descriptions of the event and records the coordinator's analysis, including informal "peer review" such as input from department heads about whether there was a deviation in the standard of care. The coordinator then records any rectifying steps performed by BayCare. He or she will also analyze whether the concern was significant enough to forward to the Clinical Risk Department, the final step in BayCare's complaint evaluation process, which sends reports to a patient safety organization and then works with the organization to develop new safety protocols.
BayCare's elaborate patient safety evaluation process does not relieve it from state law recordkeeping and reporting obligations. As relevant here, the State of Florida requires BayCare to maintain agendas and minutes of formal peer review meetings, see Fla. Stat. § 395.0193(2), and report certain serious adverse patient outcomes to the state within fifteen days, see id. § 395.0197(7), which are commonly referred to as "Code-15 reports." To comply with these requirements, BayCare creates additional documents using separate systems. For example, BayCare does not use documents from rlDatix as its Code-15 reports to Florida; instead, it creates the reports using the state's reporting portal. BayCare then retains its copy of the completed form outside the rlDatix database. Similarly, when it discloses the agendas and minutes for peer review meetings to the State, BayCare creates separate documents outside rlDatix that are never placed in the database.
As a consequence, BayCare "has never used any of the [files] kept in rlDatix to meet any external reporting obligation." But it concedes that it uses information stored in rlDatix for more than just reporting to a patient safety organization. Multiple BayCare teams can access the stored information internally for risk management, quality assurance, peer review, or root cause analysis.
After reviewing the contested documents and conducting a hearing, the magistrate judge recommended that the district court treat the documents as privileged under the Act. The magistrate judge classified the quality files as materials that were used to assess patient safety and quality of care. The magistrate judge determined that the referral logs, like the quality files, were patient safety work product that "identif[ied] the fact of reporting pursuant to, a patient safety evaluation system." 42 U.S.C. § 299b-21(7)(A)(ii).
The district court disagreed and ordered BayCare to provide Loux the disputed documents. It concluded that the Act does not privilege documents if they have a "dual purpose," only one of which relates to making reports to a patient safety organization. Based on that legal conclusion, the district court held that these documents were not privileged. The district court explained that, to the extent Florida law required BayCare to create any information, BayCare's documents reflecting that information were not solely to report to a patient safety organization and, therefore, are not privileged. The district court likewise held that, because BayCare used information in rlDatix for other purposes, such as internal safety analysis and peer review, the information was not privileged. The district court also expressed concern that Loux would be "unable to have proper litigation discovery" without the documents. Accordingly, the court ordered BayCare to produce the quality files and referral logs.
This petition followed.
II.
BayCare is entitled to a writ of mandamus if the district court clearly abused its discretion and if there are "no other adequate means" to remedy the district court's clear abuse of discretion. Jackson v. Motel 6 Multipurpose, Inc., 130 F.3d 999, 1004 (11th Cir. 1997) (quoting In re Temple, 851 F.2d 1269, 1271 (11th Cir. 1988)). An error of law is a per se abuse of discretion. Managed Care Advisory Grp., LLC v. CIGNA Healthcare, Inc., 939 F.3d 1145, 1153 (11th Cir. 2019). A petitioner's right to issuance of the writ must be clear and indisputable, and we must be satisfied that the writ is appropriate under the circumstances. United States v. Shalhoub, 855 F.3d 1255, 1262-63 (11th Cir. 2017).
III.
We believe BayCare is entitled to a writ of mandamus. There's no dispute that mandamus is BayCare's only possible remedy. Should it have to produce the quality files and referral logs, the disclosure of that information cannot be undone-regardless of what protective measures the court may order. Because of the importance of privileged information, the seriousness of the injury when disclosed during discovery, and the lack of effective review after disclosure, we have found that mandamus is the appropriate remedy for immediate review in comparable cases. In re Fink, 876 F.2d 84, 84 (11th Cir. 1989).
The only disputed question is whether the district court erred when it ordered BayCare to produce the quality files and referral logs at issue. We believe it did. BayCare argues, and we agree, that the district court clearly abused its discretion by applying the incorrect standard to assess whether BayCare's quality files and referral logs fell under the privilege. Specifically, the district court applied a "dual" or "sole" purpose test that is not supported by the text of the Act. Rather than satisfy any atextual "sole purpose" requirement, the statute requires BayCare to establish that the files (1) "identify or constitute the deliberations or analysis of" a patient safety evaluation system, 42 U.S.C. § 299b-21(7)(A)(ii), and (2) are not "collected, maintained, or developed separately, or exist[] separately, from a patient safety evaluation system," id. § 299b-21(7)(B)(ii).
We can start, and end, with the text of the statute. As we've already explained, the Act operates by defining-and then protecting from disclosure-"patient safety work product." It defines "patient safety work product" in three ways: (1) "data, reports, records, memoranda, analysis . . . or written or oral statements . . . assembled or developed . . . for reporting to a patient safety organization," id. § 299b-21(7)(A)(i)(I); (2) such things developed by a patient safety organization, id. § 299b-21(7)(A)(i)(II); and (3) such things that "identify or constitute the deliberations or analysis of, or identify the fact of reporting pursuant to, a patient safety evaluation system," id. § 299b-21(7)(A)(ii).
BayCare's privilege claim arises under the third paragraph. It argues that the quality files and referral logs reflect "the deliberations or analysis of . . . a patient safety evaluation system." Id. The Act defines a "patient safety evaluation system" as "the collection, management, or analysis of information for reporting to or by a patient safety organization." Id. § 299b-21(6). So, reading the operative language together, BayCare must establish that the disputed documents "identify or constitute the deliberations or analysis of" BayCare's process of "collect[ing], manag[ing], or analy[zing] information for reporting to or by a patient safety organization."
The parties do not dispute that BayCare's rlDatix database contains its "patient safety evaluation system" within the meaning of the statute. Instead, the dispute is about a question of law: BayCare argues that there is no "sole purpose" requirement in the statute; Loux argues that there is.
We agree with BayCare. Under the plain text of this statute, it does not matter whether BayCare created, used, or maintained the disputed documents for multiple purposes. Contrary to the district court's order, nowhere does the statute require that privileged information be "kept solely for provision to a Patient Safety Organization." Instead, the Act privileges work product so long as it "identif[ies] or constitute[s] the deliberations or analysis of, or iden-tif[ies] the fact of reporting pursuant to" a patient safety evaluation system, id. § 299b-21(7)(A), regardless of whether it is reported to a patient safety organization. The relevant administrative rule confirms as much: BayCare "may use patient safety work product for any purpose within [its] legal entity." Patient Safety and Quality Improvement, 73 Fed.Reg. 70732-01 at 70779 (Nov. 21, 2008). Nothing "prohibit[s] the disclosure of patient safety work product among physicians and other health care professionals, particularly for education purposes or for preventing or ameliorating harm." Id. at 70778.
As far as we are aware, the only basis for imposing a "sole purpose" test is a brief reference in HHS's supplemental guidance from 2016. See HHS Guidance Regarding Patient Safety Work Product and Providers' External Obligations, 81 Fed.Reg. 3265501 . It includes a small chart of information that "[c]ould be" patient safety work product if it is "prepared solely for reporting to" a patient safety organization. Id. at 32656. But that supplemental guidance, by definition, isn't law. See Kisor v. Wilkie, 139 S.Ct. 2400, 2420 (2019). And that portion of the 2016 guidance contradicts HHS's final rule-which does have legal effect. See id. The regulation is clear-"[U]ses of patient safety work product within a legal entity are not regulated and thus, patient safety work product may be used within an entity for any purpose, including" "credentialing, disciplinary, and peer review purposes." Patient Safety and Quality Improvement, 73 Fed.Reg. 70732-01 at 70779.
There are some statutory exceptions to the privilege, of course. The privilege does not protect from disclosure "a patient's medical record, billing and discharge information, or any other original patient or provider record." 42 U.S.C. § 299b-21(7)(B)(i). It also does not apply to "information that is collected, maintained, or developed separately, or exists separately, from a patient safety evaluation system." Id. § 299b-21(7)(B)(ii). That kind of separately developed or maintained information "shall not by reason of its reporting be considered patient safety work product." Id. Finally, the privilege doesn't affect obligations to make reports to governmental agencies or any recordkeeping obligations tied to those reports. Id. § 299b-21(7)(B)(iii)(II)-(III).
None of these exceptions even arguably support a "sole purpose" requirement. The first exception applies to a category of information exempt from privilege no matter where it is found or why it was created. The second exception turns on where and how information is developed, stored, or located; it states that the mere fact that information may be privileged if it is developed in one setting does not mean it is privileged in any setting. The third exception to the privilege means that states may continue to impose recordkeeping and reporting requirements in hospital systems like BayCare. But nothing in the statute says that documents are privileged only if they are created or maintained for a single purpose.
Applying these exceptions, the district court found that BayCare's documents were not privileged because the quality files and referral logs "are dual-purpose records that [BayCare was] required to make by Florida Statutes, § 395.0193(2)." That state law requires that providers "develop written, binding procedures" for peer review and provide agendas and minutes to the state. There are two problems with this conclusion. First, BayCare submitted undisputed evidence that it satisfied state reporting requirements by creating new documents outside its patient safety evaluation system. See id. § 299b-21(7)(B)(iii). Second, although this state law requires certain licensed facilities to develop procedures for peer review, it does not require the disclosure of the peer review process. On the contrary, state law provides that "[t]he proceedings and records of peer review panels, committees, and governing boards . . . are not subject to inspection under s. 119.07(1)," "are not open to the public under the provisions of chapter 286," and "shall not be subject to discovery or introduction into evidence in any civil or administrative action against a provider of professional health services arising out of the matters which are the subject of evaluation and review by such group or its agent ...." Fla. Stat. § 395.0193(7) &(8). Accordingly, there is no evidence in the record that the quality files or referral logs at issue in this mandamus action were created or maintained separately to meet any external obligations or that they were reported to the state.
Again, administrative guidance amplifies this plain-text point. HHS has explained that the statute allows providers to maintain separate systems for patient safety work product and records necessary for external record keeping and reporting obligations. Patient Safety Work Product, 81 Fed.Reg. 32655-01 at 32659-60. Documents reported to a state are not privileged. Id. at 32659. So, to avoid removing documents from a patient safety evaluation system to meet external obligations, providers can "maintain at least two systems or spaces: A [patient safety evaluation system] for [patient safety work product] and a separate place where it maintains records for external obligations." Id. at 32659. With two systems in place, providers can ensure that they will not need to "drop out" information from their evaluation systems to satisfy state law requirements.
In the face of this straightforward statutory analysis, Loux makes three arguments to support the "sole purpose" test. None is persuasive.
First, Loux argues that reading the Act according to its text conflicts with our decision in Adkins v. Christie, 488 F.3d 1324 (11th Cir. 2007). We disagree. In Adkins, we decided whether to recognize an evidentiary privilege known as the "medical peer review privilege" in federal civil rights cases. We ultimately declined to recognize the privilege. Id. at 1326, 1327-30. But that medical peer review privilege was a common law privilege our circuit had not yet recognized. We therefore decided the question in Adkins under Federal Rule of Evidence 501, which explained that "[e]xcept as otherwise . . . provided by Act of Congress," privileges "shall be governed by the principles of the common law as they may be interpreted by the courts of the United States in the light of reason and experience." Id. at 1328 (quoting Fed.R.Evid. 501 (1975)). And in declining to adopt this common law privilege, we recognized that common law privileges "remain disfavored and should not be lightly created." Id. But this action involves a privilege created by a federal statute, not the common law. We are bound by what the statute says, not our own view of whether the privilege "achieve[s] a public good" Id. (quotation marks and citation omitted). Our reasoning in Adkins is therefore inapplicable.
Second, Loux relies on persuasive authority from other courts. Although neither we nor our sister circuits have addressed the federal privilege in similar situations, we believe our reading of the text is consistent with most other courts that have confronted the issue. That is, many other courts have also rejected a reading of the statute that limits the privilege to documents created for a "sole purpose." See, e.g., Taylor v. Hy-Vee, Inc., No. 15-9718-JTM, 2016 WL 7405669, at *1, 3 (D. Kan. Dec. 22, 2016) (finding documents to be privileged even though the data was also used for the provider's "internal and state-mandated quality improvement system"); Thompson by Willis v. United States, No. 18-CV-1520-NJR, 2020 WL 3962270, at *1, 4 (S.D. Ill. July 13, 2020) ("The privilege is not waived for a document generated specifically for reporting to a [patient safety organization] merely because it references information generated elsewhere for other purposes."); Baptist Health Richmond, Inc. v. Clouse, 497 S.W.3d 759, 766 (Ky. 2016) (holding that if a provider fulfills state reporting obligations with separate documents, then courts have "no reason to review the information in the provider's patient safety evaluation system").
Loux cites one precedent that requires a more extensive discussion: the Florida Supreme Court's decision in Charles v. Southern Baptist Hospital of Florida, Inc., 209 So.3d 1199 (Fla. 2017). In Charles, a patient-who was also a medical malpractice plaintiff-sought access to "adverse medical incident reports" over a provider's objection that the reports were privileged as patient safety work product. Id. at 1211. The Florida Supreme Court held that the reports were not patient safety work product because they had to be disclosed to "patients" under a state constitutional provision. See id. at 1204 (citing Fla. Const. art. X, § 25, amend. VII). The court analogized this state constitutional amendment to the kind of state law recordkeeping and reporting requirement that the Act expressly does not affect. Id. at 1214 ("[A] mandatory disclosure law in our state constitution is not preempted by a health care provider's choice to" participate in patient safety activities under the Federal Act). Because state law required that these reports be disclosed to any patient, the Florida Supreme Court held that the "disclosure [of these documents] fits squarely within the providers' recordkeeping obligations under state law." Id. at 1211. In other words, the court held that, if state law requires records be maintained and disclosed, then those records are not patient safety work product just because they are in a particular database.
We believe Charles is distinguishable. The court's bottomline conclusion turned on the plaintiff's state law right to access the documents. Unlike the plaintiff in Charles, Loux does not argue that she has a state law right to access the information that she is seeking. And, as we have already explained, both the statute and HHS regulations provide an avenue for providers to meet their state law reporting requirements without forfeiting the privilege that applies to patient safety work product. See Patient Safety and Quality Improvement, 73 Fed.Reg. 70731-01 at 70,742; Patient Safety Work Product, 81 Fed.Reg. 32655-01 at 32656, 32659.
Finally, Loux argues, and the district court agreed, that without access to documents like these, litigants like Loux would have a difficult time locating comparators for their employment-related claims. But we cannot decline to apply a statutorily created privilege because of concerns about good policy. Obviously, any privilege can make it more difficult for a certain litigant to prove his or her claims. But courts are still bound to apply privileges even when it makes a litigant's position more difficult. See Cox v. Adm'r U.S. Steel &Carnegie, 17 F.3d 1386, 1419 (11th Cir. 1994). Congress weighed these policy implications when it drafted, debated, and passed the Act.
We also note that Loux still has other discovery options to find this information, such as deposing decisionmakers and requesting non-privileged records. Although certain documents may be privileged, the fact of adverse incidents is not. And, if BayCare cites to portions of the quality files or referral logs to argue that it treated comparators differently because of their different patient safety records, it may end up waiving its privilege as to those records. See Johnson v. 27th Ave. Caraf, Inc., 9 F.4th 1300, 1313 (11th Cir. 2021) (explaining that privileges are "a shield, not a sword," and that parties cannot selectively disclose privileged information to prejudice their opponent's case).
The upshot is that the district court abused its discretion when it applied the wrong legal standard to assess BayCare's assertion of privilege. Because the district court applied a "sole purpose" exception to the plain text of the Act, we direct the district court to vacate its order and reconsider BayCare's assertion of privilege.
Nonetheless, we emphasize the limited nature of our order. We do not conclude that everything in BayCare's rlDatix database is privileged. Nor do we direct the district court to treat any particular document as privileged. We direct only that, rather than apply a "sole purpose" test, the district court ask whether each document reflects "identif[ication]," "deliberations," or "analysis" about "the collection, management, or analysis of information for reporting to or by a patient safety organization." And, if it does, whether the document fits any particular exception to the definition of patient safety work product provided in the statute.
IV.
The petition for writ of mandamus is GRANTED. We direct the district court to VACATE its two orders (Doc. 103 and Doc. 112) and RECONSIDER BayCare's assertion of privilege consistent with this opinion.