[Cite as Loparo v. Univ. Hosps. Health Sys., Inc., 2024-Ohio-663.]
COURT OF APPEALS OF OHIO
EIGHTH APPELLATE DISTRICT COUNTY OF CUYAHOGA
TERRY LOPARO, :
Plaintiff-Appellee, : No. 112765 v. :
UNIVERSITY HOSPITALS HEALTH : SYSTEM, INC., ET AL.,
Defendants-Appellants. :
JOURNAL ENTRY AND OPINION
JUDGMENT: AFFIRMED IN PART, REVERSED IN PART, AND REMANDED RELEASED AND JOURNALIZED: February 22, 2024
Civil Appeal from the Cuyahoga County Court of Common Pleas Case No. CV-22-961541
Appearances:
Gioffre, Schroeder & Jansky Co., LPA, and Michael S. Schroeder, and David J. Jansky, for appellee.
Hanna, Campbell & Powell, LLP, and Gregory T. Rossi, and Rocco D. Potenza, for appellants.
EMANUELLA D. GROVES, J.:
Defendants-appellants, University Hospitals Health System, Inc., and
University Hospitals Lake West Medical Center (“Appellants”), appeal the trial
court’s judgment ordering them to produce interrogatory responses to plaintiff- appellee Terry Loparo (“Appellee”). For the reasons that follow, we affirm in part
and reverse in part and remand the judgment of the trial court.
Procedural History and Factual Background
Appellee initiated this wrongful death action against Appellants arising
from the death of Phillip Loparo (“Loparo”) on October 1, 2021. Loparo arrived at
the University Hospitals Lake West Medical Center’s emergency department on
September 28, 2021, complaining of shortness of breath. Loparo was administered
two COVID-19 tests, which were both negative. After waiting more than five hours
to be treated, Loparo suffered respiratory arrest and subsequently died. Appellee’s
wrongful death and negligence claims are based on Appellants’ alleged failure to
treat Loparo timely. Appellants responded to the complaint with a motion for
judgment on the pleadings, raising an affirmative immunity defense under H.B.
606.
In their motion for judgment on the pleadings, Appellants argued that
immunity was proper because patients with more severe COVID-19 symptoms
needed to be seen before Loparo. (See University Hospitals, et al., Appellants’
motion for judgment on the pleadings ¶ 9, October 31, 2022). The trial court denied
the motion.
Appellee propounded discovery, including interrogatories upon
Appellants. These interrogatories requested information for every patient in the
emergency department at University Hospitals Lake West Medical Center from 8:00
p.m., on September 28, 2021, through 2:00 a.m., on September 29, 2021. Interrogatory 22 requested information from the registration forms for each
patient’s age, sex, race, reason for visit/chief complaint, encounter start date and
time, and encounter stop date and time. Interrogatory 23 requested information
from the tracking board visit form for their arrival date and time, discharge date and
time, patient complaint, treating complaint, disposition diagnosis, disposition, and
dispositioning provider. Interrogatory 24 requested the patient’s triage start time,
triage end time, person who performed triage, and triage level.
Appellants objected to interrogatories 22, 23, and 24. Their response
to each of these interrogatories was:
Objection: This Interrogatory is vague, ambiguous, and unclear. It is also overly broad, unduly burdensome and is not proportional to the needs of the case. The Interrogatory seeks information that is not relevant and not reasonably calculated to lead to the discovery of admissible evidence. It also seeks information that is protected by HIPAA and the physician-patient privilege.
Due to Appellants’ response, Appellee filed a motion to compel
responses to discovery. The trial court ordered Appellants to produce responses to
the interrogatories under seal for the court to conduct an in camera inspection of the
records. On April 20, 2023, Appellants produced three spreadsheets related to
Appellee’s interrogatory Nos. 22, 23, and 24 for the court’s in camera review. In
their notice of submission of documents for in camera inspection, Appellants noted
they were not waiving any objections to producing the personal health information
of nonparty patients, which was protected by the physician-patient privilege and
HIPAA. Appellants also produced the affidavit of Suzanne Clemente (“Clemente”), which stated that 65 other patients were in the emergency department during the
relevant time. Clemente also stated:
“No document existed within UH Lake West that listed this data in its entirety as requested by Plaintiff;” in order to provide the responses to these Interrogatories, it was necessary for me to access the protected health information/medical charts of the patients who were present in the ED during this timeframe” and “I manually entered the data into the spreadsheet.”
(Quoting Clemente Affidavit at ¶ 4-7.)
The trial court granted Appellee’s motion to compel discovery on April
23, 2023. The court stated in its journal entry:
Upon a review of the answers, the claim of privilege is overruled, primarily because the information is not traceable to any particular patient other than the plaintiff’s decedent, where applicable.
(J.E. Apr. 23, 2023.)
Appellants appeal, raising one assignment of error for review.
Assignment of Error
The trial court erred in granting the plaintiff’s motion to compel the defendants to produce personal medical information of nonparty patients as this order violates R.C. 2317.02(B)(1), Ohio’s physician- patient privilege.
Standard of Review
The party seeking to exclude evidence as privileged bears the burden of
establishing that requested information is protected from disclosure. Pietrangelo v.
Hudson, 2019-Ohio-1988, 136 N.E.3d 867, ¶ 15 (8th Dist.). A discovery dispute is
generally reviewed for abuse of discretion; however, whether the information sought
in discovery is a confidential communication and privileged is a question of law that is reviewed de novo. Id. See also Hance v. Cleveland Clinic, 2021-Ohio-1493, 172
N.E.3d 478, ¶ 25 (8th Dist.). When the trial court’s order concerning privileged
information would result in the disclosure of the disputed discovery, it is treated as
a final appealable order. Humphry v. Riverside Methodist Hosp., 22 Ohio St.3d 94,
97, 488 N.E.2d 877 (1986); Grove v. Northeast Ohio Nephrology Assocs., 164 Ohio
App.3d 829, 2005-Ohio-6914, 844 N.E.2d 400, ¶ 9 (9th Dist.); Burnham v.
Cleveland Clinic, 151 Ohio St.3d 356, 2016-Ohio-8000, 89 N.E.3d 536, ¶ 24.
Law and Analysis
Appellants argue that the requested information is exempt from
disclosure as privileged physician-patient records under R.C. 2317.02(B).
Moreover, Appellants contend the trial court’s decision is inconsistent with the Ohio
Supreme Court’s interpretation of R.C. 2317.02 in Roe v. Planned Parenthood
Southwest Ohio Region, 122 Ohio St.3d 399, 2009-Ohio-2973, 912 N.E.2d 61, and
the provisions of the Health Insurance Portability and Accountability Act
(“HIPAA”). Appellants assert that their interrogatory responses required the
production of nonparty privileged patient communications and medical records.
Further, Appellants’ immunity claim is based on the number of
nonparty COVID-19 patients treated in the emergency department with more severe
symptoms than Loparo. Appellee requested evidence relevant to this defense in
interrogatories 22, 23, and 24.
Appellee alleges that Appellants failed to establish that all of the
interrogatory responses they produced were communications between the provider and patient “necessary to enable a physician to diagnose, treat, prescribe, or act for
a patient.” R.C. 2317.02. We find Appellants’ argument persuasive, in part, where
interrogatory responses would reveal privileged communications under
R.C. 2317.02. On the other hand, we find Appellee’s argument persuasive regarding
the remaining interrogatory requests.
It is well settled that “parties may obtain discovery regarding any
matter, not privileged, which is relevant to the subject matter involved in the
pending action, whether it relates to the claim or defense of the party seeking
discovery.” Civ.R. 26(B)(1). However, physician-patient communications are
generally privileged and subject to R.C. 2317.02. Leopold v. Ace Doran Hauling &
Rigging Co., 136 Ohio St.3d 257, 2013-Ohio-3107, 994 N.E.2d 431, ¶ 18.
R.C. 2317.02 states that the physician-patient privilege applies to:
(B)(1) A physician or a dentist concerning a communication made to the physician or dentist by a patient in that relation or the physician’s or dentist’s advice to a patient, except as otherwise provided in this division, division (B)(2), and division (B)(3) of this section, and except that, if the patient is deemed by section 2151.421 of the Revised Code to have waived any testimonial privilege under this division, the physician may be compelled to testify on the same subject.
*** (5) (a) As used in divisions (B)(1) to (4) of this section, “communication” means acquiring, recording, or transmitting any information, in any manner, concerning any facts, opinions, or statements necessary to enable a physician or dentist to diagnose, treat, prescribe, or act for a patient. A “communication” * * * may include, but is not limited to, any medical or dental, office, or hospital communication such as a record, chart, letter, memorandum, laboratory test and results, x-ray, photograph, financial statement, diagnosis, or prognosis.
R.C. 2317.02 When parties cannot resolve a discovery issue concerning a claim of
physician-privilege, we review the challenged documents in light of HIPAA and
R.C. 2317.02. HIPAA’s patient privacy rules attempt to balance the interests of
individuals in maintaining the privacy of their protected health information with the
interests of society in obtaining, using, and disclosing health information to carry
out various public and private activities. Menorah Park Ctr. for Senior Living v.
Rolston, 164 Ohio St.3d 400, 2020-Ohio-6658, 173 N.E.3d 432, ¶ 19. The
conclusion that protected health information is privileged depends on two factors:
firstly, whether the information is a communication between a patient and their
healthcare provider, and secondly, whether the purpose of the communication was
for diagnosis or treatment. Ward v. Summa Health Sys., 128 Ohio St.3d 212, 2010-
Ohio-6275, 943 N.E.2d 514, ¶ 25.
Both state and federal laws are intended to ensure the privacy of
confidential health information. See Med. Mut. of Ohio v. Schlotterer, 122 Ohio
St.3d 181, 2009-Ohio-2496, 909 N.E.2d 1237, ¶ 14, citing Hageman v. Southwest
Gen. Health Ctr., 119 Ohio St.3d 185, 2008-Ohio-3343, 893 N.E.2d 153, ¶ 9.
As a preliminary matter, a discussion of the terminology and relevant
rules regarding the disclosure of health information is in order. Under
R.C. 3798.01(B), Ohio’s HIPAA statute, the terms “covered entity,” “disclosure,”
“health care provider,” “health information,” “individually identifiable health
information,” and “protected health information” have the same meanings as in the
federal HIPAA privacy rules under 45 C.F.R. 160.103. “Health information” means any information, including genetic information, whether oral or recorded in any form or medium, that:
(1) Is created or received by a health care provider, health plan, public health authority, employer, life insurer, school or university, or health care clearinghouse; and
(2) Relates to the past, present, or future physical or mental health or condition of an individual; the provision of health care to an individual; or the past, present, or future payment for the provision of health care to an individual.
45 C.F.R. 160.103
{¶ 18} “HIPAA regulates how ‘covered entities’ can use or disclose
individually identifiable health (medical) information (in whatever form)
concerning an individual.” OhioHealth Corp. v. Ryan, 10th Dist. Franklin No. 10
AP-937, 2012-Ohio-60, ¶ 14, quoting Stigall v. Univ. of Kentucky Hosp., E.D. Ky.
No. 5:09-CV-00224-KSF, 2009 U.S. Dist. LEXIS 103757, ¶ 2 (Nov. 6, 2009). See
also 45 C.F.R. 160 and 164. Under 45 C.F.R. 160.103, covered entities include
hospitals, healthcare providers, and public agencies.
{¶ 19} R.C. 2317.02 provides an additional layer of protection by prohibiting
the disclosure of protected health information that is also privileged communication
between physician and patient in relation to treatment or diagnosis. State privacy
laws generally preempt HIPAA provisions if the state law is more stringent1 than
1 “HIPAA contains a preemption provision found in 45 C.F.R. 160.203 that states
in pertinent part: “A standard, requirement, or implementation specification adopted under this subchapter that is contrary to a provision of state law preempts the provision of state law. This general rule applies, except if one or more of the following conditions is met: * * * (b) The provision of state law relates to the privacy of individually identifiable health information and is more stringent than a standard, requirement, or implementation specification adopted under subpart E of part 164 of this subchapter.” 45 HIPAA 45 C.F.R. 160.202. The overriding purpose of HIPAA privacy rules is to
prevent covered entities from disclosing protected health information absent
specific circumstances. Covered entities include public agencies and healthcare
providers. Under Ohio law, protected health information has the same meaning
defined in HIPAA 45 C.F.R. 160.103. R.C. 3798.01.
“Protected health information” is defined as information, in any form, including oral, written, electronic, visual, pictorial, or physical, that describes an individual’s past, present, or future physical or mental health status or condition, receipt of treatment or care, or purchase of health products, if either of the following applies:
(a) The information reveals the identity of the individual who is the subject of the information.
(b) The information could be used to reveal the identity of the individual who is the subject of the information, either by using the information alone or with other information that is available to predictable recipients of the information.
HIPAA 45 C.F.R.160.103.
{¶ 20} Health information is not protected if it does not reveal or cannot be
used to disclose the individual’s identity. Protected health information subsequently
de-identified and compiled in summary, aggregate, or statistical form is
not protected under HIPAA 45 C.F.R. 164.502. HIPAA privacy rules provide the
standards for de-identifying individually identifiable health information. 45 C.F.R.
164.502.
C.F.R.160.203(b). May v. N. Health Facilities, Inc., 11th Dist. Portage No. 2008-P-0054, 2009-Ohio-1442, ¶ 10. (d) Standard: Uses and disclosures of de-identified protected health information.
(1) Uses and disclosures to create de-identified information. A covered entity may use protected health information to create information that is not individually identifiable health information or disclose protected health information only to a business associate for such purpose, whether or not the de-identified information is to be used by the covered entity.
(2) Uses and disclosures of de-identified information. Health information that meets the standard and implementation specifications for de-identification under 164.514(a) and (b) is considered not to be individually identifiable health information, i.e., de-identified. The requirements of this subpart do not apply to information that has been de-identified in accordance with the applicable requirements of 164.514, provided that:
(i) Disclosure of a code or other means of record identification designed to enable coded or otherwise de-identified information to be re- identified constitutes disclosure of protected health information; and
(ii) If de-identified information is re-identified, a covered entity may use or disclose such re-identified information only as permitted or required by this subpart.
45 C.F.R. 164.502.
HIPAA privacy rules define de-identified health information,
When the following identifiers of the individual or of relatives, employers, or household members of the individual, are removed:
(A) Names;
(B) All geographic subdivisions smaller than a state, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code if, according to the current publicly available data from the Bureau of the Census[.]
45 C.F.R. 164.514. {¶ 22} To the extent that de-identified health information is provided in
summary, statistical, or aggregate form and cannot be used to identify an individual,
it is not protected health information. A trial court does not err in granting a motion
to compel discovery when a party claiming privilege fails to demonstrate that the
requested health information is a communication between a provider and patient
for diagnosis or treatment or otherwise protected from disclosure.
Morawski v. Davis, 8th Dist. Cuyahoga No. 112033, 2023-Ohio-1898, ¶ 16. Zimpfer
v. Roach, 3d Dist. Shelby No. 17-16-03, 2016-Ohio-5176, ¶ 27.
{¶ 23} However, absent more stringent state protections, hospitals must
comply with the privacy rules outlined in HIPAA when the discovery at issue is
protected health information, as defined by 45 C.F.R. 160.103. OhioHealth Corp
¶ 16. See 45 C.F.R. 160.203.
{¶ 24} Notably, Ohio’s privacy laws are stricter than HIPAA concerning
protected health information. May v. N. Health Facilities, Inc., 11th Dist. Portage
No. 2008-P-0054, 2009-Ohio-1442, ¶ 12. The HIPAA privacy regulations found in
45 C.F.R. 164.512 permit the disclosure of protected health information during
judicial or administrative proceedings in response to a court order, whether through
subpoena, discovery request, or other lawful processes. Grove v. Northeast Ohio
Nephrology Assocs. Inc., 164 Ohio App.3d 829.
{¶ 25} In contrast, R.C. 2317.02 imposes more stringent restrictions by
prohibiting disclosure of protected health information that is also privileged, even in situations where such disclosure would be permitted under HIPAA. Id. Section
45 C.F.R. 164.103.
{¶ 26} We will now discuss the Appellants’ argument that all the
interrogatory responses are privileged and prohibited from disclosure, absent an
exception. Appellants rely on Roe v. Planned Parenthood, 122 Ohio St. 399, to
support their claim that the requested records are privileged. Roe is inapposite to
the facts presented here. In Roe, the parties stipulated that the disputed discovery
included privileged communications within nonparty medical records. The
plaintiffs sought patients’ actual medical records with the protected health
information redacted. “Medical record” means data in any form pertaining to a
patient’s medical history, diagnosis, prognosis, or medical condition generated and
maintained by a health care provider in the process of the patient’s health care
treatment. R.C. 3798.01 and 45 C.F.R. 160.103. Redaction cannot overcome a
privilege protection; only a statutory exception can. Roe at ¶ 53.
{¶ 27} A broad request for the entire medical record includes protected
communications and is, therefore, privileged and subject to exceptions in
R.C. 2317.02. Sullivan v. Smith, 11th Dist. Lake No. 2008-L-107, 2009-Ohio-289,
¶ 29. However, “the fact that the requested information is retrieved from medical
records does not, in itself, attach privilege.” Medina v. Medina Gen. Hosp., 8th Dist.
Cuyahoga No. 96171, 2011-Ohio-3990 ¶ 14. Because the discovery request in Roe
was for patients’ actual medical records, the Ohio Supreme Court determined that no exception applied under R.C. 2317.02 and declined to create one not authorized
by statute.
{¶ 28} In this case, Appellee specifically requested interrogatory responses,
not medical records. The disputed discovery for patient complaint, demographic,
and diagnosis information will be addressed first. The responses to these preceding
interrogatory requests are communications between the patient and provider for the
purpose of diagnosis, treatment, prescribing, or acting for the patient. Therefore,
this information is privileged. Appellants have claimed no applicable exception
under R.C. 2317.02, regarding the interrogatory responses concerning sex, race,
reason for visit/chief complaint, patient complaint, treating complaint, diagnosis,
and disposition, which are privileged and prohibited from disclosure. Accordingly,
Appellants’ assignment of error is sustained in part.
{¶ 29} Having identified those responses that are privileged, we now turn to
the remaining discovery responses. Notably, the Ohio Supreme Court stated, “We
have never held that the physician-patient privilege provides absolute protection
against the disclosure of medical information.” Ward at ¶ 29. Under Ohio’s
physician-patient privilege statute, a treating physician is only prohibited from
disclosing matters communicated between the patient and physician in relation to
treating, acting for, prescribing, or diagnosing the patient. State Med. Bd. of Ohio
v. Miller, 44 Ohio St.3d 136, 140, 541 N.E.2d 602 (1989). Harris v. Belvoir Energy,
Inc., 8th Dist. Cuyahoga No. 103460, 2017-Ohio-2851, ¶ 10. The physician-patient
“privilege must be strictly construed against the party seeking to assert it and may be applied only to those circumstances specifically named in the statute.” Ward at
¶ 15.
{¶ 30} Courts have consistently held that health information, such as
provider names, triage priority data, and time data (ex., triage times, discharge
times, and treatment times), are not privileged because they do not involve
communications as defined in R.C. 2317.02. Heimberger v. Heimberger, 11th Dist.
Lake No. 2019-L-139, 2020-Ohio-3853, ¶ 31. See also In re Jones, 99 Ohio St.3d
203, 2003-Ohio-3182, ¶ 13, 790 N.E.2d 321 (psychotherapy notes created for
forensic analysis were not privileged communications under R.C. 2317.02, but
psychotherapy records created for case plan services were privileged
communications for diagnosis and treatment). See Turk v. Oiler, 732 F.Supp.2d 758
(N.D. Ohio 2010), Medina at ¶ 13, citing Ingram v. Adena Health Sys., 149 Ohio
App.3d 447, 2002-Ohio-4878, 777 N.E.2d 901 (4th Dist.) (identity of the health care
provider(s) that treated the patient is not protected information).
{¶ 31} In this case, the requested time, triage, and provider data are
comparable to the requested information (or discovery) sought in Medina. There
the court found that the appellee’s requests for interrogatory responses regarding
the intervals and number of times the defendant charted end-tidal CO2 in nonparty
care were not privileged. The court found that the records charting intervals of
unidentified, nonparty patients were “time data” and not protected health
information when provided as interrogatory responses. Id. at ¶ 16. Likewise in this
case, the remaining responses include triage time data and provider names. These are not protected health information nor privileged communications. These
responses are not communications between the provider and patient in relation to
treatment or diagnosis. Consequently, the following time data is subject to
disclosure: encounter start date and time, encounter stop date and time, arrival date
and time, discharge date and time, triage start time, and triage end time.
{¶ 32} In summary, Appellants’ assignment of error regarding interrogatory
requests for the following data is sustained: sex, race, reason for visit/chief
complaint, patient complaint, treating complaint, diagnosis, and disposition. We
overrule the Appellants’ assignment of error regarding provider names, and the
following time data: encounter start date and time, encounter stop date and time,
arrival date and time, discharge date and time, triage start time, and triage end time.
{¶ 33} Judgment is reversed in part, affirmed in part, and remanded for
further proceedings.
It is ordered that appellee and appellants share the costs herein taxed.
The court finds there were reasonable grounds for this appeal.
It is ordered that a special mandate issue out of this court directing the
common pleas court to carry this judgment into execution. A certified copy of this entry shall constitute the mandate pursuant to Rule 27
of the Rules of Appellate Procedure.
_________________________ EMANUELLA D. GROVES, JUDGE
EILEEN T. GALLAGHER, P.J., and MICHAEL JOHN RYAN, J., CONCUR