The two fines on seven claims, including breach of contract, unfair competition and enrichment, and misappropriation of trade secrets, were for $240 million in compensatory and $700 million in punitive damages, according to The Indian Express.
The Mumbai-based Tata companies slammed with the penalties, Tata Consultancy Services (TCS) and Tata America International, claimed that they “did not misuse or derive any benefit from downloaded documents from Epic System’s user-web portal,” in a statement emphasizing that, in addition, no use was made “of said information for development of its own hospital management system ‘Med Mantra’, which was implemented for a large hospital chain in India in 2009.”
“TCS plans to defend its position vigorously in appeals to higher courts. TCS appreciates the trial judge’s announcement from the bench that he is almost certain he will reduce the damages award,” according to India Today.
The huge award was in question even before the federal jury determined it, however. The District Judge William M. Conley had already raised doubts, according to Reuters, noting that the Indian firm had stated that it “appreciates the trial judge’s announcement from the bench that he is almost certain he will reduce the damages award.”
The lawsuit was filed in 2014. At the heart of the case is that Epic software was being used by Kaiser Permanente, and that institution had hired TCS to help implement the EHR system. A TCS employee then “fraudulently accessed” and downloaded 6,477 documents to which TCS was not entitled, according to court documents.
“Rather than compete lawfully with Epic, TCS has engaged in an apparently elaborate campaign of deception to steal documents, confidential information, trade secrets, and other information and data from Epic, for the purpose of realising technical expertise developed by Epic over years of hard work and investment,” the lawsuit stated according to India Today.
There are a number of issues that complicate the seemingly straightforward case of a TCS worker wrongly accessing Epic information, according to The Wire.
Kaiser licensed Epic’s software in 2003, then brought in TCS in 2005, at which point Epic and TCS signed a consulting agreement in which TCS agreed that Epic’s program held trade secrets that were protected. Then in 2011 Kaiser had TCS test Epic software, giving support for Epic releases, upgrades and maintenance, which it was agreed would happen at offshore sites in India.
These sites were “required” to have data confidentiality protection like disabled USB ports, no email and no Internet access — but there were several machines at these sites, in fact, that did have enabled ports and email, called “kiosk machines”.
TCS claimed these machines were disabled, but a TCS employee testimony revealed that they had both Internet access and working ports. This meant that TCS employees could “download release notes,” which they used to make tests for Kaiser. This was, in effect, a workaround that violated the data security protocol that requires that information be gotten from Epic’s web portal by its own employees or Kaiser personnel and then they would respond to TCS workers’ requests.
In addition, one TCS employee had earlier legitimately had and used prior access rights to the Epic portal, gotten through his work on a previous project, and proceeded to use for the Kaiser project his old credentials to access the Epic site, download information onto a kiosk hard drive, and email it to himself, a violation of the user agreement with Epic. He then shared this information with other TCS workers.
The Epic claim is that the thousands of documents thus obtained, “contain detailed information on the features and functionalities of Epic’s software and database systems developed over thirty years.” In addition, because some of the TCS employees who had access to these documents used them for a comparison study between Epic’s software and TCS’s Med Mantra. This was given to the Med Mantra developers.
TCS responded that these “were of the type necessary for work of the TCS testing team.”
