Epic Sys. Corp. v. Tata Consultancy Servs. Ltd.
Decision Date | 20 August 2020 |
Docket Number | Nos. 19-1528 & 19-1613,s. 19-1528 & 19-1613 |
Citation | 980 F.3d 1117 |
Parties | EPIC SYSTEMS CORP., Plaintiff/Counterclaim Defendant-Appellee/Cross-Appellant, v. TATA CONSULTANCY SERVICES LTD. & Tata America International Corp. d/b/a TCS America, Defendants/Counterclaim Plaintiffs-Appellants/Cross-Appellees. |
Court | U.S. Court of Appeals — Seventh Circuit |
Rick Richmond, Nick G. Saros, Attorneys, Jenner & Block LLP, Los Angeles, CA, Anthony A. Tomaselli, Kristin Graham Noel, Attorneys, Quarles & Brady LLP, Madison, WI, Michael T. Brody, Attorney, Jenner & Block LLP, Chicago, IL, for Plaintiff-Appellee.
Christopher Egleson, Attorney, Sidley Austin LLP, Los Angeles, CA, Carter G. Phillips, Attorney, Sidley Austin LLP, Washington, DC, Constantine L. Trela, Jr., Neil H. Conrad, Robert N. Hochman, Attorneys, Sidley Austin LLP, Chicago, IL, for Defendants-Appellants.
Before Flaum, Manion, and Kanne, Circuit Judges.
Without permission from Epic Systems, Tata Consultancy Services ("TCS")1 downloaded, from 2012 to 2014, thousands of documents containing Epic's confidential information and trade secrets. TCS used some of this information to create a "comparative analysis"—a spreadsheet comparing TCS's health-record software (called "Med Mantra") to Epic's software. TCS's internal communications show that TCS used this spreadsheet in an attempt to enter the United States health-record-software market, steal Epic's client, and address key gaps in TCS's own Med Mantra software.
Epic sued TCS, alleging that TCS unlawfully accessed and used Epic's confidential information and trade secrets. A jury ruled in Epic's favor on all claims, including multiple Wisconsin tort claims. The jury then awarded Epic $140 million in compensatory damages, for the benefit TCS received from using the comparative-analysis spreadsheet; $100 million for the benefit TCS received from using Epic's other confidential information; and $700 million in punitive damages for TCS's conduct.
Ruling on TCS's motions for judgment as a matter of law, the district court upheld the $140 million compensatory award and vacated the $100 million award. It then reduced the punitive-damages award to $280 million, reflecting Wisconsin's statutory punitive-damages cap. Both parties appealed different aspects of the district court's rulings.
We agree with the district court that there is sufficient evidence for the jury's $140 million verdict based on TCS's use of the comparative analysis, but not for the $100 million verdict for uses of "other information." We also agree with the district court that the jury could punish TCS by imposing punitive damages. But the $280 million punitive-damages award is constitutionally excessive, so we remand to the district court with instructions to reduce the punitive-damages award.
Epic Systems is a leading developer of electronic-health-record software. This software aims to improve patients’ quality of care by keeping relevant information about patients—like patient schedules and billing records—in a central location. Epic provides versions of this software to some of the top hospitals in the United States. Each customer licenses from Epic software applications (modules) to fit the customer's specific needs. The customer can then customize the software to ensure it operates properly within the customer's organizational structure.
The complexity of Epic's health-record system requires Epic's customers to consistently update and test their systems. To facilitate this process, Epic provides its customers with access to a web portal called "UserWeb." UserWeb provides various resources—including administrative guides, training materials, and software updates—and it also supplies an online forum where Epic's customers can share information.
Along with these helpful resources, UserWeb contains confidential information about Epic's health-record software. To protect this information, Epic restricts who can access the UserWeb portal. Epic's customers, who have access, are required to maintain the confidentiality of this information, and they are expected to allow specific individuals access to this sensitive information on a "need-to-know" basis only.
To guard this confidentiality, Epic allows only credentialed users to access UserWeb; to get credentialed, users must prove they are either a customer or a consultant. Customers get access to all features and documents related to the modules they license from Epic. Consultants—who are hired by customers to implement and test Epic's software—cannot access features like the discussion forum and training materials.
In 2003, Kaiser Permanente—the largest managed-healthcare organization in the United States—obtained a license from Epic to use KP HealthConnect, a Kaiser-specific version of Epic's electronic-health-record software. Because of Kaiser's size, implementation of KP HealthConnect is highly complex; testing and tweaking it after each update is complicated and time consuming.
For help with these tasks, Kaiser hired TCS in 2011. TCS provides information-technology services, like software testing and consulting, on a global basis. But TCS also has its own electronic-health-record software, Med Mantra, which at the time was predominately sold in India.
Epic was aware of this conflict of interest and was concerned about TCS's relationship with Kaiser. Still, Kaiser used TCS to test KP HealthConnect. But to fulfill its obligation of confidentiality to Epic, Kaiser imposed rules for TCS to follow while working on Kaiser's account.
First, TCS was required to perform all services related to KP HealthConnect at Kaiser offices in the United States or offshore development centers—approved facilities outside the United States.
Second, TCS was required to follow strict security protocols at the offshore development centers. Desktop computers used to work on KP HealthConnect could be used only for Kaiser-related work. To ensure these computers could not access the internet or TCS's email system, a firewall was installed. Other computers at the offshore facilities could access TCS's network and email system but were not allowed to access KP HealthConnect material.
TCS, while operating under these strict requirements, provided testing and support services to Kaiser. But TCS employees claimed they could perform the required tasks more efficiently if they had full access to UserWeb. Kaiser repeatedly asked Epic to grant TCS this access; Epic repeatedly declined to do so.
Unsatisfied with this lack of access, in late 2011, TCS found a way to gain unfettered access to all the information available on UserWeb: the key was Ramesh Gajaram. TCS hired Gajaram to work on the Kaiser account from an offshore development center in Chennai, India. Before working for TCS, Gajaram worked for a different company that also helped Kaiser test KP HealthConnect. While working for that company, Gajaram falsely identified himself to Epic as a Kaiser employee, and Epic granted Gajaram full access to UserWeb.
Gajaram informed his superior at TCS, Mukesh Kumar, that he still had access to UserWeb. At Kumar's request, Gajaram accessed the UserWeb portal. Gajaram also shared his login credentials with other employees at the Chennai offshore development center. A few years later, Gajaram transferred to TCS's Portland, Oregon office; he again shared his UserWeb login credentials with at least one other TCS employee.
Thanks to Gajaram's actions, dozens of TCS employees gained unauthorized access to UserWeb. And from 2012 to 2014, TCS employees accessed UserWeb thousands of times and downloaded over 6,000 documents (1,600 unique documents) totaling over 150,000 pages. These documents contained Epic's confidential information, including some of its trade secrets. And not all of this information related to TCS's work for Kaiser; employees downloaded information related to a medical-laboratory module that Kaiser does not license from Epic.
This unauthorized access came to light in early 2014, when Philip Guionnet, a TCS employee, attended meetings concerning the Med Mantra software. At the first meeting, Guionnet observed a demonstration of Med Mantra for Kaiser executives. Guionnet was "astounded"; he had seen Med Mantra several times before and believed the software had dramatically improved.
After this meeting, Guionnet was concerned that "some of the information from Kaiser had been used to improve Med Mantra." So, Guionnet visited the Med Mantra product development team. During his visit, a TCS employee showed Guionnet a spreadsheet that compared Med Mantra to Epic's electronic-health-record software. The spreadsheet compared, in some detail, the functionalities of the two products. Guionnet believed this spreadsheet confirmed his suspicion that information regarding Kaiser's version of Epic's software had been used to improve Med Mantra.
Guionnet then asked for a copy of this spreadsheet. What he received instead was a less-detailed document referred to as the "comparative analysis."
The comparative analysis—a key document in this appeal—was created as a part of TCS's effort to see if it could sell Med Mantra in the United States. Specifically, TCS wanted to sell Med Mantra directly to Kaiser, who was using Epic's software, and wanted to be sure that "key gaps" in Med Mantra were addressed before this attempted sale. So, TCS gave a consultant from the Med Mantra team the task of creating a comparison between Med Mantra and Epic's software. In doing so, this employee worked with "Subject Matter Experts"—employees who had experience with Epic's software—and created the comparative analysis that was ultimately sent to Guionnet.
The comparative analysis is an 11-page spreadsheet that compares Med Mantra to Epic's software. The first page lists 33 modules, and it notes whether the module is available in Med Mantra and Epic's software; the...
To continue reading
Request your trial-
United States v. Jones
... ... App'x 359 (quoting Martin v. Franklin Cap. Corp. , 546 U.S. 132, 139, 126 S.Ct. 704, 163 L.Ed.2d ... v. Allcare Health Mgmt. Sys., Inc. , 572 U.S. 559, 563 n.2, 134 S.Ct. 1744, ... ...
-
Curry v. Revolution Labs.
...actions or was an isolated incident;" and (5) "the harm was the result of intentional malice, trickery, or deceit, or mere accident." Id. at 1141. defendants do not expressly address any of the five factors the Seventh Circuit has instructed courts to consider on the first guidepost. Instea......
-
Atturo Tire Corp. v. Toyo Tire Corp.
...[Toyo's] conduct is ‘so reprehensible as to warrant the imposition of further sanctions to achieve punishment or deterrence.'” Epic Sys. Corp., 980 F.3d at 1141. jury's verdict on the six claims against Toyo shows the jury found that Toyo's conduct was wrongful, deceptive, and violated prin......
-
Syntel Sterling Best Shores Mauritius Ltd. v. TriZetto Grp.
...counterparts derived from the Uniform Trade Secrets Act ("UTSA") (Unif. Law Comm'n 1985). See, e.g., Epic Sys. Corp. v. Tata Consultancy Servs. Ltd., 980 F.3d 1117, 1130 (7th Cir. 2020) (affirming avoided cost damages awarded under the Wisconsin UTSA as "head start" unjust enrichment damage......
-
Trade Secret Report
...the guise of compensatory damages" and could not stand. The panel distinguished Epic Systems Corp. v. Tata Consultancy Services, Ltd. 980 F.3d 1117 (7th Cir. 2020)—where the Seventh Circuit upheld an award for $140M in avoided costs as an appropriate measure of the defendants' unjust enrich......