Epic Systems Corp., of Verona, a giant in electronic health records, filed suit in U.S. District Court in Madison against Tata Consultancy Services, of Mumbai, and Tata America International Corp.
Epic says a Tata employee in Portland claimed he was a Kaiser employee to get access to protected information. He downloaded at least 6,477 documents, then passed along his access credentials to two employees in India. At least one other Tata consultant was believed to have downloaded documents, as well.
The case accuses Tata of computer fraud, stealing trade secrets, breach of contract, and damage to Epic’s business.
So, what is it all about?
On February 4, 2003, Epic entered into a written agreement with Kaiser, one of the largest managed healthcare organizations in the United States, to license software to Kaiser to support patient care delivery activities and to provide Kaiser with customer-level access to Epic’s UserWeb. The Kaiser Agreement also provided protection for Epic’s confidential information, permitting information to be disseminated from the UserWeb only on a need to know basis.
The UserWeb is a protected electronic workspace created by Epic to aid customers in maintaining and implementing Epic products by providing training and other useful information.
To access Epic’s UserWeb, an individual must register as an employee of either an Epic customer or a consultant to an Epic customer. However, in order for a consultant employee to attain UserWeb access, two additional steps must be completed:
- the individual attempting to register must sign the UserWeb Access Agreement and
- the consulting firm must sign the Consultant Access Agreement.
Once the applicable steps are completed, that individual attains UserWeb access with no further restrictions, except that a consultant employee’s access is purposefully limited solely to the areas of the UserWeb necessary to support his or her customer.
How Tata is involved?
Tata was hired by Kaiser to serve as a consultant. In August 2005, several Tata employees attempted to register for customer-level access. Though they used Tata email addresses when registering, they represented themselves to be customer employees.
When Epic discovered the discrepancy, it removed the Tata employees from the UserWeb and informed them that Tata employees could not take training courses on the UserWeb until Tata entered into a Consultant Agreement with Epic.
On August 10, 2005, Epic and Tata America proceeded to enter into a Standard Consultant Agreement. Epic allowed certain Tata employees to access training programs on the UserWeb for the purposes of providing consulting services to Kaiser on the implementation of “Epic Program Property”.
As early as 2012, Tata began accessing and downloading information from Epic’s UserWeb without authorization.
Allegation of EPIC
Epic primarily based this allegation on information received from a Tata informant, Philippe Guionnet. Until May 2014, Guionnet was responsible for managing all aspects of Tata’s contract with Kaiser, reporting directly to Tata executive management.
On multiple occasions, his job responsibilities exposed him to Med Mantra products. He also participated in marketing Med Mantra products to Kaiser and was aware of comparisons between Epic and Med Mantra softwares created by the Med Mantra team.
According to Guionnet, downloaded information included both Program Property and Confidential Information within the meaning of the Tata America Agreement. Once downloaded, this information was used to benefit Tata’s competing Med Mantra software. Guionnet also represents that Tata leaders in the U.S. and India were aware of and complicit in this scheme.
Once aware of the unauthorized downloading, Epic conducted an investigation of its UserWeb, which led to the account of Ramesh Gajaram, a Tata employee, working as a consultant for Kaiser in Portland, Oregon. Gajaram’s account revealed that at least 6,477 documents, accounting for 1,687 unique files, had been downloaded, including Confidential Information.
Furthermore, Epic’s investigation revealed that Gajaram’s access credentials had been used to download documents from an IP address in India registered to Tata.
When confronted, Gajaram admitted to violating the UserWeb Access Agreement by providing his access credentials to two other Tata employees in India –Aswin Kumar Anandhan and Sankari Gunasekara.
When Gajaram registered for his UserWeb credentials, he registered as a customer employee, rather than as a consultant and used a Kaiser, rather than a Tata, email address. Rather than the more limited consultant-level access, this allowed Gajaram broader, customer-level access.
After Epic suspended Gajaram’s access to the Gajaram sent two emails requesting reactivation. The first email request was sent on June 24, 2014, and listed only his Kaiser role in the signature block,with his Tata role deleted. The second email request was sent on June 30, 2014, and included his full signature with his roles for both Kaiser and Tata disclosed.
Epic argues the omission of Tata from the June 24 email permits an inference that Gajaram intentionally misrepresented himself to be a Kaiser employee, and that his objective was to obtain unauthorized UserWeb access.
On October 31, 2014, Epic filed a complaint seeking both injunctive relief and monetary damages. On January 5, 2015, Tata filed a motion to dismiss the majority of Epic’s claims. In response, Epic filed an amended complaint on January 26, 2015, which resulted in TATA to file the motion to dismiss.
Ruling of US Jury
A US grand jury, on 16th April 2016, has slapped two companies of India’s Tata group — Tata Consultancy Services and Tata America International Corp. — with a $940-million fine in a trade secret lawsuit filed against them.
After days of hearing, the federal grand jury in the US State of Wisconsin ruled that Tata Consultancy Services Ltd. and Tata America International Corp. must pay $240 million to Epic Systems for ripping off its software.
The Tatas have also been asked to pay another $700 million in punitive damages.
However TATA, Stating that there was no IP infringement, plans to “defend its position vigorously in appeals to higher courts”.
Follow Commerce Duniya on Twitter @cduniya
