Hiring an expert in electronic medical records (EMR’s) will help uncover record manipulation that will assist law professionals in winning medical malpractice cases for their clients. Check out this blog to see how a Kentucky woman waged a monumental fight against the medical system that failed her!
A site visit by an expert pays off, a Computer Forensic Expert Finds the Smoking Gun in the Electronic Medical Record (EMR) audit trail!
Kim Johnson noticed a lump on her right breast and because her mother died of breast cancer she feared the worst. In January 2015, she went to Fleming County Hospital in Flemingsburg, Kentucky, to get a mammogram. When she received a letter from the hospital that proved she had “no evidence of cancer”, this Kentucky mother of eight breathed a huge sigh of relief. Several months had passed and the lump continued to grow so she decided to get a second opinion. She was horrified to learn she has stage 4 cancer.
Sadly, Fleming County Hospital had sent the wrong letter, giving Johnson the all-clear instead of directing her to return for a follow-up examination. In September 2016, Johnson filed a lawsuit against the hospital claiming doctors misdiagnosed her, and that two employees deleted evidence of the letter saying she didn’t have cancer. How did she know this?
She hired a digital forensic expert!
Ms. Johnson and her lawyer’s hired a digital forensic expert skilled in examining EMR audit trails. During a court-ordered on-site visit, they found employee EMR entries that edited the history and deleted the evidence of the erroneous letter claiming that she was cancer-free.
In the wake of the misdiagnosis by the hospital, Ms. Johnson is left with a long battle with cancer. If her cancer would have been recognized at an earlier stage her quality of life would have been different as a result. She trusted the system and it failed her.
Who protects the patient? The HIPPA law ensures accountability
Required by the Health Insurance Portability and Accountability Act (HIPAA), hospitals and healthcare providers are to maintain an audit trail of all access, entry, and modification of the patient’s EMR to ensure accountability. Hiring a computer forensics expert that has experience with examining Health Information Systems (HIS) and the related EMR audit trails that can make or break your case. Call Enigma Forensics staff today if you think you may have a case requiring similar assistance. 312-668-0333.
Have you or someone you know been involved in medical injury or accident? Do you want to win your case? Or…If you’re an attorney and have questions about a case involving medical malpractice, read this blog and contact Enigma Forensics for the “W”.
Were you or a loved one involved in a medical accident or injury? Are you an attorney who is representing an injured client?
If the answer is yes, take immediate action and file a Discovery request or subpoena to access all of your Electronic Medical Records (EMR). Why is this important? In order to prove injury or malpractice and win your case it’s imperative to discover what took place and the actions that caused an event. Your electronic medical records or EMR audit trail will document what transpired. EMR audit trails will include prescriptions, tests, treatments, transfers, operation notes, nurse practitioners and doctors notes and a ton more. Electronic Health Records (EHR) are rich with data information describing the care that was provided and decisions that were made good or bad. Some medical record systems such as Epic have sticky notes that are traditionally not part of the formal patient permanent electronic record. Those sticky notes are required to be stored by the Health Insurance Portability and Accountability Act (HIPPA), but are not part of the discharge report showing the patient electronic medical record history. The data does exist and working with a qualified medical record forensic expert can help you to gain a more complete record of the patient encounter with the health care provider.
What else does Electronic Medical Records (EMR) include?
Electronic Medical Records and the patient medical record audit trail include the original record and will note any modifications. It will also preserve dates, times, who accessed the record and whether the record was printed, viewed, deleted or otherwise modified. Many of the systems today, such as; Epic, Cerner, Meditech, All Scripts and others have reports that can be downloaded to reveal vital information about who has authorization to access and audit electronic health records.
Medical dictations are another vital piece to the puzzle. Dictation files are sometimes sent to third party transcription service providers as raw audio files called WAV files. After the WAV files are received they are typically transcribed to text files and fed back into the electronic health record software system. When modification of the patient medical record occurs after an injury or malpractice took place, comparing the transcription WAV files to the produced chart may help reveal alteration to the patient medical records.
Patient Electronic Medical Charts are often Incomplete. You could lose your case!
When electronic medical record discovery requests are made by plaintiffs to healthcare providers, it is common that the production lacks the complete patient medical record history. Healthcare providers facing litigation commonly provide a minimal amount of data in an often useless format. The form of production is often scanned copies of previously printed our documents or charts. Codewords for health care providers, departments and procedures often make interpretation even more challenging. Having an experience EMR computer forensics expert can help provide a more accurate interpretation of the complete Electronic Health Record (EHR) for the harmed patient.
The Health Insurance Portability and Accountability Act of 1996, or HIPAA is a federal law which requires your medical records to be retained for six years at a federal level. However, most states also have their own medical retention laws which can be more stringent than HIPAA stipulates. Check out this government website to learn about how different states interpret this governance. https://www.hhs.gov/hipaa/for-professionals/privacy/index.html
How important are faxes? This could win your case!
In some cases, Electronic Medical Records (EMR) are faxed to outside providers either to or from your primary physician. Software vendors such as Forward Advantage provide automated faxing capabilities integrating with the existing health care information management systems and patient medical records. It’s vital you request all communication between facilities to help prove or disprove what and when medical knowledge was presented to the provider to make an informative decision relatable to an event.
Let’s say you have already requested an EMR audit trail for a patient. Did you know that the Electronic Medical Records (EMR) audit trail you received contains cryptic codes that you will not be able to comprehend. It’s extremely helpful to request all of the underlying data dictionaries that will provide the definition of the codes used referring to the friendly name, including, the healthcare provider’s name, department, computer used to access the EMR, procedures, treatments, tests ordered, drugs prescribed and lab results.
Did you know that medical data is required to be retained for six years?
Do you want to to win your case! You need Enigma Forensics experts on your team! Hire a professional forensic expert to assist in writing a Discovery request to obtain, preserve and analyze ALL of the electronic medical records and to help you obtain the complete EMR audit trail. We can help uncover the truth of what took place and help tell the court the story about what happened to you or your client.
Call Enigma Forensics at 312-668-0333 to schedule a complimentary phone call to discovery how we can assist.
Enigma Forensics experts investigate, preserve and recovery data to prove or disprove Trade Secret Theft. We have assisted many clients in financially recovering what was stolen from them or to help clear their name. Are you interested in learning more about trade secret theft? Check out Tesla’s latest law suit against a former software engineer.
A large portion of our business is forensically recovering and preserving data that is vital in proving or disproving trade secret theft. Enigma Forensics experts love to follow Tesla! We love the look of their beautifully engineered electric cars and we’re very interested in Elon Musk, the controversial character behind the engineering. Who is now labeled the most wealthiest man in the world. Our interest was piqued when we heard about Tesla’s latest lawsuit and that prompted us to write this blog.
On January 22, Tesla filed a lawsuit against Alex Khatilov, a former software engineer over Trade Secret Theft and Breach of Contract. Tesla contends that within days after Khatilov started his position on December 28, 2019, he began stealing thousands of highly confidential software files from Tesla’s secured internal network, transferring them to his personal cloud storage account on Dropbox to which Tesla has no access or visibility.
How did Tesla discover this trade secret theft or misappropriation of data?
On January 6, Tesla’s information security personnel detected Khatilov’s unauthorized download of a complete set of all the automation scripts produce by the Quality Assurance Engineering team for WARP Drive over the last twelve years! He was confronted the next day via Microsoft video chat due to Khatilov working remotely because of COVID-19 restrictions. Khatilov claims he installed a Dropbox desktop application to his Tesla issued laptop to allow him to upload administrative files to his personal Dropbox. He swore over and over that he only transferred administrative documents and then when he finally shared his screen with Tesla investigators he could be seen deleting the Dropbox files while on video chat confirming he had willfully destroyed evidence.
Why all the fuss?
How important are these scripts? These scrips are unique to Tesla and run on WARP Drive, the backend software for much of Tesla’s business. These files consisted of “scripts” of proprietary software code that Tesla has spent years of engineering time to build. When executed, these scripts automate a broad range of functions throughout Tesla’s business and only a few select employees have access to these files. It gets better! This is the good part…Khatilov contends he forgot about downloading thousands of confidential files!
The reality of this trade secret theft or misappropriation of confidential data is that Tesla has no way of knowing whether Khatilov copied the scripts onto a thumb drive, a mobile device, or a cloud based storage or most importantly sent them to another individual. To understand more thoroughly how important these “scripts” or trade secrets are…They map out Tesla’s innovations! Making them extremely valuable and beneficial to any competitor.
What measures ensure against trade secret theft or misappropriation?
Tesla limited the “scripts” access to only members of the Quality Assurance Engineering team in which Khatilov was one of forty employees to have access. The engineers that have access are not permitted to download scripts to the cloud or personal devices. This makes us wonder how Khatilov was able to download data!
Only eight people within the Tesla company are approved to grant access to these scripts.
Each engineer signs an extensive employment agreement and agrees to policy conditions of their employment with includes a non-disclosure agreement (NDA), that holds each employee to the strictest confidence of proprietary information, technical data, trade secrets so on and so forth.
The NDA also states that upon termination or departure each employee will immediately return to the company all original document electronic or hard copies.
Each physical facility has restricted access to only authorized personnel that are monitored by security guards and cameras.
All visitors must check in with security, sign a NDA, submit to a photograph and be escorted by an employee.
Tesla also used password-protected and firewall-protected networks and servers that are only accessible to current Tesla employee with the proper credentials.
Moral of this story is…
Even high level technology companies has issues with trade secret theft. If your company suspects something like this, immediately hire a computer forensics expert to electronically preserve data of soon to be departing or a departed employee that has already left the company. Enigma Forensics can analyze data that was misappropriated or stolen to help clients recover financial loss.
Social media and cell phone forensics can play an important role in thwarting criminal activity. Check out this conversation between Cyber Forensic Expert Lee Neubecker and Data Diva, Debbie Reynolds. You will be so much smarter afterwards!
Snap Chat, Twitter, Facebook: Social Media and the Importance of Cell Phone Forensics
Lee Neubecker and Debbie Reynolds, the Data Diva, discuss the role of law enforcement in capturing social media posts when trying to thwart the bad guys coordinating a riot or the more recent looting incidents in Chicago. During this difficult time in our nation, what is the role that cell phone forensics should take? Did you know that Apple phones have the ability to automatically shut down when stolen and have a beacon that will detect the location of the phone making it easy for law enforcement to come knocking on the thief’s door? Check out this video to learn more about the role of social media and cell phone forensics.
Transcripts of Video Follows
Lee Neubecker (LN): Hi, it’s Lee Neubecker, and I have Debbie Reynolds back on the show, Debbie thanks for being on remotely.
Debbie Reynolds (DR): Thank you for having me.
LN: So I asked you to come on so that we could talk a little bit about some of the recent lootings that have happened in Chicago and other areas across the country. And what could be happening, as it relates to cell phone forensics and how law enforcement can be using that to get to the bottom of how these coordinated attacks are being planned and who might be involved.
DR: Most of what I know about this is basically what you told me so, why don’t you just sort of share what your experience has been so far in the current environment, and then we can talk from there?
LN: Sure. Well, right now, I know that some of the looters that were apprehended had cell phones on them. We don’t know exactly how the information is being used by law enforcement, but technically, an example of things that could happen could include, doing forensics on the cell phone, identifying Snapchat handles they have communicated with, looking at text messages, looking for Twitter accounts and postings. And potentially, what I saw happening during the last week, at least in one instance, there was a post made to Twitter by a user that made a reference to doing a gig at Urban Outfitters on the West Side, and roughly a few hours after, that post went out on Twitter, referencing Urban Outfitters, Nike’s, Liquor and other things. Around four hours after that, looting that went on at that store, so that handle that posted and anyone else that reacted to that post could certainly have been alerted to the potential for mass looting in a coordinated way via social media.
DR: Yeah, I think even though the police do have capabilities to do that type of tracking and tracing, they they do heat maps of certain things. The problem is that these incidents, if they are coordinated, they happen pretty quickly so it’s sort of hard for them to kind of preempt it. But as you said, always, they have capabilities, right? To do anything with like cell phones that they capture, but they also have capabilities to do things like geofencing about who was in the area at certain time. So, a lot of what they’re doing is not necessarily preemptive or pre-crime is more of, if something is happening or has happened, they can go back and try to backtrack or trace or… If there are people on the scene they can apprehend whoever is there that’s doing whatever and they sort of build it out from there, right?
LN: Yeah, but just the other day, someone was captured and apprehended in… They got caught because they were posting their raid via social media, and they had a live view of them going to bomb, they were threatening to bomb the place and looted, taking cash registers and the stuff was, this someone that was not from Chicago, I think from downstate, somewhere that came in and came in with a goal to create problems and had a past history of that, but the person had the audacity to post it to Facebook, and the FBI just busted them and they’re indicted now.
DR: I don’t know why people share such things on social media. Because yeah, they do track and trace that. But, a lot of the things especially as I saw, it seemed like a lot of stores that have things like mobile phones have been attacked. And as you know those things are pretty easy to trace back. So I don’t know how far people–
LN: Apple had LoJack, in all their phones at the retail store, and so people who took those phones likely those phones likely got located but-
DR: Oh yeah, definately.
LN: I don’t know that that’s happening at the the cheap cell phone stores, the burner phones.
DR: Well, yeah, those are… No, I mean, they probably… If anything, obviously may have serial numbers and stuff like that but, once you… Whether it’s broken, or people change sims or whatever, it’s harder to track that stuff down. But yeah, the Apple phones, yes. They wouldn’t have very much problem. I think as I heard, I read that what Apple had done is for all the phones that were stolen from them, they were able to lock those down. And then it had a screen on there so that you actually couldn’t use it. So, that’s what I heard was happening with Apple.
LN: Yeah, well, they also have the ability to beacon out and send GPS location so-
DR: Oh, absolutely.
LN: People who are buying stolen Apple phones might find someone knocking on their door, law enforcement.
DR: Yeah, it’s probably not a good idea to buy one off the street at this point. So yeah.
LN: Yeah. Well, any thoughts on your concerns if the privacy issues that might relate to mere surveillance on people and tracking social media posts and actually getting in and subpoenaing phone numbers that were taxed to help try to prevent looting from happening?
DR: Well, okay. I guess that’s a couple of different things rolled up into one. So, obviously I’m concerned with mass surveillance, especially if it is capturing information not accurately or targeting people who may not have even been involved. So for example, a cell phone can’t tell like let’s say for instance, you’re standing at a corner and I’m at the stoplight. It says we’re next each other, but we’re not together. So, a cell phone tracking can’t really tell that so eury people who aren’t involved, who are innocent, who are especially in this regard, peacefully protesting, having them be adjacent to other people doesn’t mean that they were involved so-
LN: Lets just say though, for instance, that they found that there was a string of businesses hit, the Foot Locker, then Denny’s Liquor, CVS and Walgreens.
LN: There were a group of 20 people that all pinged off the four cell phone towers at the same times, and we’re in close proximity to that and a few other people were ID’d, would that be enough to justify surveillance on people where there were four cell phone towers in common across a range that put them all in the vicinity of where looting took place?
DR: I’m not sure if it would justify surveillance, so to speak, but I think that if they have other evidence, it may help them target those people more closely but, in terms of sweeping people up in surveillance exercise, I don’t think that’s going to happen unless they have additional information. So, let’s say they have information just like you said, like, okay, these people are in the vicinity and then they posted a picture on Facebook with some loot gear that they got, that would be enough, I think, to justify surveillance but just the fact, surrounding the vicinity, that’s probably not enough to go on, I don’t think.
LN: I appreciate your opinions and thoughts on this. It’s a difficult time right now and hopefully we’ll have stability and we’ll have people held accountable on all fronts, not just the leaders.
How can we put an end to this protest? Cell phone forensics is the key to finding out who is organizing violent protests and looting by checking social media sites. It’s that simple!
Chicago Police Superintendent David Brown recognizes social media contributed to the rise in looting
Is Cell Phone Forensics the key to ending the looting? Chicago is reeling back from the third day of unrest and violent protest. Not only are we healing from a global pandemic we are now faced with the threat of violence in all of our neighborhoods. On Monday, we witnessed the third day of violent protest. It was reported that law enforcement arrested approximately 699 people and sadly, 2 people who were shot and killed in Cicero. Feelings of anger, frustration and despair are common threads that bind all of us. The question on everyone’s mind is when is all this going to stop? The Chicago Police department is dealing with a great deal; protecting the neighborhoods and at the same charged with stopping violence. The same violence that was started by a deadly police action.
Many have heard on mobile scanners that hundreds of people driving in caravans are traveling into the city from outside Chicago. Some believe these caravans are organized on social media and are encouraging violent protest and looting. Forensic technology can stop this type of organized violent protest. Once a bad actor has been apprehended, law enforcement needs to perform remote cell phone forensic analytics to discover social media posts, connect friends and followers to thwart passing of information. This is a new age of technology and our police department needs to be able to trace violent networks of people to respond in real time as to prevent personal attacks an property damage.
Enigma Forensics is an expert cyber forensic company that offers forensic imaging of cell phone, laptop and other electronic devices. We are able to analyze the electronic footprint left behind and provide detailed tracing to assist in litigation.
More about expert technology and cell phone forensics
Are Computer “Bots” Making Your Healthcare Decisions?
Are Computer “Bots” Making Your Healthcare Decisions?
Enigma Forensics CEO Lee Neubecker and David Bryant from Bryant Legal Group discuss computer “bots” used by insurance companies as a way to underwrite policies and making insurance claims decisions. Bots are now determining how a given claim should be scored. See how ediscovery plays a role in getting success for your client.
The transcript of the video follows
Lee Neubecker: I’m here today with David Bryant from the Bryant Legal Group and we’re going to talk a little bit about health insurance claims in his work, helping people get the coverage they deserve.
David Bryant: Nice to be here, Lee, thanks for taking the time to stop by. We’re seeing a very significant shift in the insurance industry with respect to claims adjudication and claims determinations. One way of looking at how this change is happening is to look at the dollar volume that’s being invested into underwriting insurance policies and making claims decisions. The first metric I’d like to share with you is there is a company out of Europe that did some research on money flowing into what’s now called Insurance Tech, and approximately two billion dollars went into the Insurance Tech arena in 2016. This money is being deployed into not only underwriting, but how claims are made and I think everyone out there is familiar with Watson and the new term artificial intelligence. And how that’s playing out in the insurance industry is that a lot of claims decision-making is being taken out of the hands of individuals and being given to what we’ll call “bots”, robots, or termed a “bot” in tech speak. So these algorithms which will be designed by very bright people, such as yourself, to determine what a given claim should be scored. And if there’s a certain score, then a claims individual will be required to deny that claim. This is problematic for some of the insurance companies because if it’s discovered, through the discovery process, it can wind up hurting them in litigation for bad faith denial of a claim.
Lee Neubecker: So, David, can you tell me a little bit about what you do at the onset of one of your case matters to help make sure that you could argue your case in court?
David Bryant: So there’s really two phases to insurance claims. There’s the appeal process and then there is court. If your claim is denied I can always sue an insurance company in court. Typically that’s in Federal Court. I primarily practice in Federal Court but I do State Court as well. So once I wind up in a court setting I will send a litigation hold letter to the general counsel of the insurance company and that letter secures that all of the data in its electronic format is preserved. So if I want the emails on a particular claim individuals hard drive, that information should be present when I request that information by way of that litigation hold letter. When I do discovery in Federal Court we’re looking for electronically stored information. I’m not looking for paper any longer because we’re looking to get the metadata that’s embedded in that electronic information so we can find out who looked at it, when it was looked at, when it was altered. So, Enigma Forensics having the skill set to be able to determine who touches electronic files, who views electronic files, we will bring in your firm in those circumstances when we want that type of information in litigation. Lee Neubecker: So can you give me an example of when you’ve had to rely upon our computer forensic services for us to help you out with a matter and how that played a role in getting success for your client?
David Bryant: So we handle primarily health insurance and disability insurance claims on behalf of individuals and physician groups. So one of the matters that you handled for us dealt with a disability insurance claim and we were looking for certain key words and key word phrases that were on the server or hard drives of the particular individuals at the insurance company. Being able to cull through all this data is a Herculean task and would be extremely expensive for the defendants. So the defendants will typically go to the Court and say, “Judge, this is going to cost us way too much “money and interrupt our normal course of business. “We don’t want, Mr. Bryant, to have access “to this information or put us through the trouble “and cost of doing it.” I brought in your firm and your services and you were able to explain to the judge that you could do a search of all of the information held by the insurance company and find these key words and submit them to the Court in-camera, so there was no privacy concerns, and report to the judge what your findings were. The case soon settled thereafter.
Lee Neubecker: They usually do. Well thank you for being on the show today. If you need to reach David, his info is on the screen. Thank you.
Enigma Forensics, Lee Neubecker reviews with Eric Fish, the Federation of State Medical Boards, Senior VP of Legal Services, about the positive impact of artificial technology and machine learning on medical standards and regulations. Find answers how this technology will improve the patient experience in the future.
The transcript of the video follows
Lee Neubecker: Hello, I’m here today with Eric Fish, Senior Vice President of legal services. He’s with the Federation of State Medical Boards and he’s going to be talking to us a little bit today about his organization and how they’re using technology to change how things work.
Eric Fish: Thank you, well the Federation State Medical Boards is the organization that represents the 70 state medical and osteopathic boards who are charged by state law to regulate the practice of medicine within the various states, in that we help build standards for regulation, best practices. We also work with states on our data and other things that are exchanged that really help improve the regulation of medicine for the patient, the end user of medicine.
Lee Neubecker: Eric can you tell us a little bit about how artificial intelligence and machine learning are impacting your organization and membership?
Eric Fish: Well, Lee, we’re actually at a, what I believe to be, a crossroads of cultural, social, and technological change that are really going to change the way that we have to look at regulation for the public benefit. There’s going to be a lot more data on patient/provider interactions. There is also going to be much more data consumed by state regulators to see which of these interactions comply with the standards. One of the things that I see developing out of this A.I. and machine learning is that we’re going to be creating much more data that can be mined as a regulator to see what interactions are good and which interactions are bad.
Lee Neubecker: Eric can you tell us a little bit about how A.I. and machine learning are being implemented to improve transparency?
Eric Fish: Well, one of the things that’s going to occur, I believe, is that as patients and providers start turning to algorithms to help with that continuation of care. Really the people who implement these systems have to prove up to the regulators how these comply, how these algorithms, how other things are going to comply with the standards that are there. Artificial intelligence has been in medicine for a long time. Machine learning is a little bit new, where we’re taking some of the discussions and building a knowledge base that’s then going to be applied to the patient experience and regulation isn’t standing in the way of these things. The regulations are there so that they are done the right way and in comply with the standards and being transparent on that beginning end is a really great step toward complying with regulations and making the regulatory process better.
Lee Neubecker: Great, and so, you told me that your organization runs some services that consumers might want to be aware of. What are those and what are they used for?
Eric Fish: Well, one of the things that we do on behalf of our members is collate all the disciplinary and regulatory actions that are taken against a provider, and we have a service called Doc Info, where a member of the public can go look to see if an action has ever been taken against their physician. We have access to all 900,000 plus licensees and their information, and it’s really a great service and use of data that we’ve collated and given out to the public.
Lee Neubecker: Great. Well thanks for coming on today. I know you’ve brought your colleague, Mike Dugan. Who’s going to talk for a little bit. Thanks again for coming to the show.
Eric Fish: Thanks, thank you.
Lee Neubecker: I have Eric’s colleague, Mike Dugan, he’s the CIO of the organization, and Mike can you tell me a little bit more about some of the things that you’re doing to improve the quality of the data and integrity of the information?
Mike Dugan: Sure, surely, thank you. We, in many ways, we are a data aggregator and this involves a credentialing process for physicians so we pull data from national data sources, we pull data from institutions to verify physicians’ identity as well as their credentials, so the training and process that they have done. Historically, these have been very manual processes, but we’ve implemented technology to add additional data sources and also give us flexibility in how we consume data. Historically, it’s been a very structured we need a file in this format and our technology is still evolving, but we’re working it to give us the flexibility to work with any data source available.
Lee Neubecker: What are the concerns that your members have regarding data breaches and the potential complications resulting from them?
Mike Dugan: Well, I think they worry about that quite a bit and if anyone in technology who deals with identity and has information, if you’re not worried about data breaches then you’re missing the point and perhaps should be in another line of work. So, we are given the trust of the physicians and our member boards that when they give us their data that it will be protected and that it will be safeguarded, and we work very hard to do that, proactively. So I think that in this environment and this day and age, that is an activity and a task that we will do, it will never go away. It will be ongoing and we will have to adapt if there is new ways that are found to hack information, we always will have to improve our data security.
Lee Neubecker: Well thanks a bunch for being on the show. I appreciate you taking time.
Mike Dugan: Okay, thank you, thanks for having us.
Read More About Government Privacy Controls on Artificial Technolgy
Enigma Forensics CEO & President, Lee Neubecker discusses the of the Defend Trade Secrets Act with Trademark Attorney Brian Michalek.
The transcript of the Defend Trade Secrets Act 2016 video follows:
Lee Neubecker: I’m here today with Brian Michalek. He’s a trademark and IP attorney. Brian tell us what you’ve come on the show to talk about today?
Brian Michalek: Yeah, well first of all thanks for having me Lee. I appreciate you coming down here and spending some time with me today. You know what I wanted to talk about today is kind of some new applications of the Defend Trade Secrets Act. Which is, it’s about two years old now but it’s basically a federal cause of action concerning trade secret law.
Lee Neubecker: And what this means basically is if you’re an employer and you have someone who stole trade secrets, it offers you an opportunity to file in federal court as opposed to the state courts statutes.
Brian Michalek: Yeah, I think that’s right. And kind of taking like a step back, you know prior to 2016, what we had when we were talking about trade secret law were really a bunch of different states that had their own specific type of trade secret statutes. Some of these statutes were in fact pretty similar and shared a lot of consistencies but there were others that kind of had their own nuances and what that meant was that trade secret jurisprudence wasn’t completely harmonized. And it made it a lot more difficult to account for situations where we often encounter in the digital age where misappropriation of trade secrets happens across state lines or if we have a scenario where an individual who misappropriates a trade secret, resides in one state and the server in which they access to take the trade secret is in another state. We found that there was a lot of clunkiness with trying to figure out which state law would apply and how we could best go forward to making sure that the owner of the trade secret could get restitution appropriately. So, really what we have now in 2016 is a federal cause of action as you stated correctly that allows us to go straight into the federal courts and manage trade secret litigation from that vantage point. And I think it’s important to say also, that what we’re having is not a federal law that preempts state law but it supplements it. So, both can be acted upon.
Lee Neubecker: So, here in Illinois we have the Computer Fraud and Abuse Act that is often one venue. Why would someone who’s contemplating filing litigation against an employee who stole trade secrets here in Illinois. Under what circumstances would they want to try to pursue the Defend Trade Secret Act, a federal option as opposed to the Computer Fraud and Abuse Act.
Brian Michalek: Yeah, well it’s really going to depend on the particular fact scenario. That’s an issue here. The Computer Fraud and Abuse Act, you know, that generally is tailored to somebody who goes into a computer without authority to do so or oversteps their bounds and oversteps their access. So, it’s a little bit of a different cause of action but then again, there are situations where you have a fact pattern where an employee could run afoul of both statutes. Both the Computer Fraud and Abuse Act as well as the new federal Defend Trade Secrets Act.
Lee Neubecker: So, what are some of the advantages for someone who perceives a claim using the Defend Trade Secrets Act?
Brian Michalek: Yeah, I think there several advantages. I kind of hit on some of them earlier when we’re talking about the kind of this discord among different state laws and how they’re actually applied to certain fact patterns. But one advantage is that you get access to the federal court system. Previously when you have a state law you can do some things to get the claim into federal courts but it takes a little bit more, little more effort and you often times need to show that there’s diversity or you need to tack on a federal cause of action like the Computer Fraud and Abuse Act in order to do so. Right now with this cause of action, we’re actually allowed to file in federal court right from the get-go. And you know, there’s certain bit of strategy and advantage for employers to do that from an efficiency standpoint, from a practicality standpoint which allows to redress this misappropriation as soon as possible because you know, we’re dealing with a situation many times that when you have a trade secret that’s misappropriated, you need to act very quickly. Otherwise it can be disseminated and ultimately lost if things aren’t done to stop that.
Lee Neubecker: I understand the Act requires you to present your case of sorts as to why there’s an urgency to seize this information, when you’re trying to get the evidence. What would you try to do before you file your case to bolster your chances of getting a judge to grant you relief in terms of obtaining your trade secrets and getting that information back?
Brian Michalek: Yeah, that’s a good question. I think what you’re getting at is the defend Trade Secrets Act has a very special and new kind of prong to it. It’s a mechanism for a civil seizure and what that basically says it gives the court the power to and it’s ex parte I should say. So, it allows you if you feel that your trade secret is misappropriated to go to the court ex parte and explain to the court why you need redress and you need to, you know get your trade secret back or have it deleted of someone’s computer who misappropriated it or whatever recourse is appropriate. Now, this is new to the 2016 statute but there are some very specific hurdles that you need to get over. The statute itself says that this is really only for extraordinary circumstances and you have to show that other equitable means would not serve your interest like a preliminary injunction or a temporary restraining order. So, it is kind of a special remedy that’s offered and I think you know, we’ve had the statute for about two years now and there’s only been a handful of cases. There’s one in particular where the judge in fact did grant a civil seizure order and one of the reasons was because they found that failure to do so would cause the trade secret to be disseminated and ultimately lost. And really the next step there is to get the Federal Marshal Service involved and they will go in and actually reclaim that trade secret or delete it or make sure that appropriate recourse is made.
Lee Neubecker: Now, when you’re filing, would you encourage your clients to have an independent forensic analysis done with affidavit to support their claims? Do you think that would help the likelihood of actually getting that relief?
Brian Michalek: It’s again, it’s going to depend on the situation but I think kind of what you’re getting us is when you’re dealing with something that is taken from a computer. You know, we’ve dealt with situations where and I think these are becoming more and more common in the digital age, where an employee will do something with his computer before he quits and goes to competitor, he will transfer a file or copy a file or do something he’s not supposed to and the employer finds out and if they believe that there is some type of misappropriation or the employee took something that he worked here or she was not supposed to you know, they may have cause of action under this this federal action. And to your point, a lot of times doing a dealing with computers you do have to get a forensic expert involved so that you can actually know what was happening because people sometimes thinks that they can delete something or they can transfer it or hide it and you know, I’ve dealt with this enough times and I know you too, you have to Lee is that, you know, it’s very, very difficult to actually cover up your tracks unless you really know what you’re doing and that’s really where a forensic expert can help. Is when somebody tries to cover up their missteps, their tracks and if you get the right expert involved early, then you can at least have that evidence to really show the fact that or what was going on and why you are entitled to remedy under this federal act.
Lee Neubecker: And so Brian can you tell everyone some of the benefits, financially filing under this act?
Brian Michalek: Well, I think what you’re referring to is this act has one other wrinkle. It’s known as the whistle blower provision and basically it allows employees to blow the whistle and disclose what could be a trade secret and very limited fashion, if they believe that there is some wrongdoing. On the flip side of things, employers if they want to take full advantage of this act and maybe receive attorney’s fees should they win or exemplary damages in certain situations. They’re now tasked with including this whistle blower provision in employee agreements. Meaning they have to make note of it and specifically instruct the employee that this is an option and the mechanisms for which apply.
Lee Neubecker: So, the fully benefit from those people should revisit their paperwork, their confidentiality agreements and whatnot with their vendors and employees. Is that something that you could assist people with?
Brian Michalek: Yeah, absolutely. That’s something that we’re happy to talk with you about and if need be, we’re going to help and assist.
Lee Neubecker: Great, well thanks for being on the show.
A forensic expert will help you avoid a data breach and save you money.
A planned data breach response is imperative and will save millions of dollars in litigation and forensic fees. Enigma Forensics CEO & President, Lee Neubecker engaged in a video discussion with Privacy Expert, Jackie Cooney from Paul Hastings Law. These experts provide solutions for many clients who seek operation privacy and cyber security. A planned data breach response can save companies millions of dollars.
The transcript of the video follows
Lee Neubecker: So, I’m here with Jackie Cooney from Paul Hastings, and she’s their privacy expert here. Can you tell me a little bit about your practice and how you help your clients?
Jackie Cooney: Sure, so I am the senior director of the Privacy and Cyber Security Solutions Group, here at the law firm. We’re kind of a unique part of the law firm, in that we’re very much integrated into the legal practice, but what my group does is really provide solutions for clients to operationalize privacy and cyber security requirements.
Lee Neubecker: So what happens when a company suspects they have a issue? What do you typically advise your clients to do if they’re concerned about a potential breach?
Jackie Cooney: A potential breach, so that’s a good question, and I get these calls actually pretty frequently, maybe even on a weekly basis. Hey, we think something has happened to our data, what do we do? And there’s a few threshold questions that I ask. Number one, do you have cyber insurance, and have you called your cyber insurance company? Because often cyber insurance companies will cover you, but only if you use their counsel and you use their forensic experts. So, it’s important for you to understand what your coverage is there. Now, if you don’t have those kind of limitations, or you don’t have cyber insurance, and hopefully most of your clients do have some coverage, or if Paul Hastings is on the approved list of those cyber insurance vendors, then we go onto step two. So, that first question, 30 seconds, one minute, do you have cyber insurance, have you called them yet? And what I typically like to do is say, okay, give me the two-minute version of what happened, and then I can pretty quickly decide, okay, this is a purely cyber incident or this is a cyber incident that has some privacy implications. And then there are questions that go from there. And, of course, if there’s something that has privacy implications, that there’s a lot of regulations that you have to worry about that require notification, too.
Lee Neubecker: So, can you tell me a little bit more about some of the new regulations that face companies that operate in the U.S., related to data breach requirements
Jackie Cooney: Sure.
Lee Neubecker: and responsibilities?
Lee Neubecker: Well, you explained that very well. I thank you for being on the show today and this was really informative.
Enigma Forensics CEO & President, Lee Nuebecker welcomes Attorney Mark Halligan as they discuss internal trade secret management.
The transcript of the video follows
Lee Neubecker: Hello, I’m here today with author and attorney Mark Halligan from Fisher Broyles, and he’s going to talk a little bit about his books today. Mark, how are you doing?
Mark Halligan: Very good.
Lee Neubecker: Thanks for being on the show.
Mark Halligan: Thank you, thanks for inviting me.
Lee Neubecker: So you were approached about writing a book a while back on the Defend Trade Secrets Act. Can you tell everyone a little bit about what your book covers and why it’s relevant?
Mark Halligan: Well, the Defend Trade Secrets Act of 2016 is a watershed event in intellectual property law and it’s the culmination of, you know, years of work on my part to emphasize the need for a federal civil course of action. In most cases, the victims are corporations and they should access to the federal courts.
Lee Neubecker: Okay. In what cases would the Defend Trade Secret Act apply?
Mark Halligan: Well, in any case involving the alleged misappropriation or the actual misappropriation or threatened misappropriation of trade secrets, you now have access to bring a private civil course of action. That is subject matter jurisdiction in the federal courts nationwide.
Lee Neubecker: So now, you’ve written a second book more recently, The Trade Secret Asset Management 2018 book. Can you tell people a little bit about what that’s about?
Mark Halligan: Well, that’s the next phase in trade secrets law. That is the internal act of management by companies of their trade secret assets, which involves identification, classification, protection, and valuation. And in order to be able to use the Defend Trade Secrets Act and be able to allow this intellectual property right to thrive and grow, now with federal protection in the courts, you have to have internal systems in place for these trade secret assets.
Lee Neubecker: So do clients sometimes contact you before employees leave and take things to proactively try to make sure their stuff’s in order?
Mark Halligan: Well, unfortunately, companies wait until the horse is out of the barn and then they scramble to retain outside counsel and then I scramble around trying to determine what the trade secrets are and what the evidence and misappropriation is. And we’ve seen this play out in major cases now, most recently in the Waymo case out in California, where everybody is running around trying to determine what’s at issue in the case. So it’s better to do that ahead of time with internal management.
Lee Neubecker: So clients that are proactive and they get an assessment of what their assets are beforehand, do they tend to spend less money when they become embroiled with litigation if they’ve done that?
Mark Halligan: Yes, yes, absolutely. If you have internal active trade secret management, you are able to identify within a matter of seconds literally the trade secrets that are in issue and the evidence that the employee had access to those trade secrets, or the former employee.
Lee Neubecker: Now, you have some proprietary program you developed that deals with that, correct?
Mark Halligan: I do. The name of the program is The Trade Secret Examiner and it was introduced, commercially deployed version, I believe version four or version five, last August. And it is a revolutionary new platform to assist companies in the identification, classification, protection, and valuation of trade secret assets.
Lee Neubecker: So if someone is watching this video at night and they’re an executive of a company and they lost their head of sales and marketing, what steps should they take immediately to help protect their company and their client base?
Mark Halligan: Well, if they have been engaged in internal trade secret asset management, then I would expect they have a trade secret incident response plan that can be activated immediately and a SWAT team, which is essentially outside counsel ready to go to the courthouse, you know. And if they do not have those procedures and mechanisms in place, then they call me and I head out to the company with a yellow pad and a pen, and start to interview witnesses to see if I can determine what the trade secrets are and what the evidence and misappropriation is.
Lee Neubecker: So once you have reason to believe that some of your clients’ data was inappropriately taken and misappropriated, what do you do first to get ready for court after you’ve taken those notes? What do you prepare, have the data prepared for your TRO?
Mark Halligan: Well, again, from a forensics standpoint, the first thing you need to do is cordon off the area where the defendant worked or had computers and you get EnCase images of the computer to preserve the evidence. You certainly don’t want to have the IT department flailing around inside the computer because you know, that will change the evidence.
Lee Neubecker: You know, it was interesting, Mark. One of my colleagues Alex Gesson had done some research and what he realized is that companies that use tools such as FTK Imager, when you capture the forensic image of a hard drive device, it records a serial number for that device that is not detected when you do forensic analysis to see if devices were plugged in. In actuality, there’s two serial numbers on a hard drive and only one of the two serial numbers is the one reported and they’re not always consistently detected. So we agree with you on that, using EnCase to make the forensic image. EnCase actually, at the time of imaging, EnCase will capture the serial number that can be detected in the registry. So what we’ve discovered is that people who haven’t used EnCase, they later on do this analysis to see, was the thumb drive plugged into the computer, and they can actually have a false negative because they didn’t appropriately image the media at issue.
Mark Halligan: Well, that’s fascinating and that shows you how critical it is to do the forensics correctly at the very beginning of the case. It could be case-determinative.
Lee Neubecker: So you’ve done the forensics and you’re going into court. What are you hoping to prove when you’ve done the computer forensics? What type of things are you hoping to be able to express in the form of an affidavit or support for your motion?
Mark Halligan: Well, a trade secret misappropriation case involves the actual or threatened misappropriation of trade secrets. So what you’re trying to do is protect these fragile assets. I mean, a trade secret, once lost, is lost forever. So you are attempting to stop the bleeding, plug the dyke, get an order that there is to be a preservation of evidence. Also, stop the continuing misappropriation activity or if it has not occurred yet, through injunctive relief, set up a wall to prevent the misappropriation of trade secrets, and to the extent possible, prevent its dissemination to other computers in the United States or to other parts of the world.
Lee Neubecker: Well, Mark, can you tell me any war stories about your use of computer forensics and what happened going into court?
Mark Halligan: Well, I think what I have seen in some occasions and I represented a major company in a case involving very serious acts of trade secret misappropriation and alleged foreign economic espionage. You know, the federal courts want to protect the privacy rights of individuals with electronically stored information, so there’s always this tension between, you know, the plaintiff seeking to prove up its trade secret case or misappropriation of trade secrets with the defendant’s interest in protecting the privacy of files and things that are on the computer. So oftentimes, the court requires search terms and you start off the case by looking at whether or not these search terms pop up on the computers. In a case that I was involved with, when those search terms were plugged in, we found that a file destruction software program had been run.
Lee Neubecker: Oh, that never happens.
Mark Halligan: And that the clock had been changed. And with that kind of evidence before the judge, we were then given access to the entire computer. No more search terms. And when we got access to the entire computer, we found out other third parties that were involved and of course, the case expanded to involve other defendants, other entities. But it all happened with the finding on the initial search terms of indicia of a file destruction software being run.
Lee Neubecker: Well, thanks a bunch for being on the show today, Mark. This was great stuff.
Mark Halligan: Thank you.
Lee Neubecker: People need to reach you, they can see the link to your website.