5 Best E-Discovery Practices in Opioid Litigation

Credit: David Smart/Shutterstock.com

Since 2017, after the U.S. government declared opioid addiction a public health crisis, the courts have experienced a flood of opioid litigation cases. Opioid usage throughout America has rapidly increased and the Centers for Disease Control and Prevention estimates that opioids account for 68% all drug overdose deaths. As a result, attorneys and organizations are facing discovery challenges, which are distinct to these type of cases. Important tasks, like learning the new lingo around opioids to navigating massive data sets, can be overwhelming.

Becoming familiar with the roots of these cases and the opioid crisis in general should be the first priority in addressing litigation. Research about the opioid products that targeted organizations sell, how they reach the public, data about resulting harm and overdose/abuse trends, marketing strategies, and potential theories of liability against opioid manufacturers are all critical components to navigating complex opioid cases. By having a strong grasp on these core aspects, attorneys can create strategies for settlement negotiations, discovery, and trial.

Regardless of whether these cases settle, many cases will still advance to the discovery phase. Organizations should consider implementing the following practices to help streamline and effectively manage e-discovery in opioid litigation. These practices are important to utilize during the initial investigation stage.

1. Maintain HIPAA compliance. Pharmaceutical organizations are subject to HIPAA regulations because they store and transmit health data. The law protects personally identifiable information (PII) and protected health information (PHI) from disclosure. Failure to safeguard this type of data can incur penalties for the organization. Opioid litigation documents contain a lot of this information. As such, organizations must be familiar with the regulation's stringent security and compliance requirements. Reviewing HIPAA regulations and any applicable court decisions, along with receiving continuous training, are key to successful HIPAA compliance.

Next, organizations must have a protocol to protect PII and PHI from getting into the public domain. In the realm of e-discovery, this means redacting all HIPAA-covered data from document disclosure. Explore different tools that can automate data identification in order to simplify the redaction process and make it more efficient. Also, ensure that all applications subject to disclosure have redaction capabilities. For example, a discovery request may ask for data in its original format. If the original format was stored on an excel sheet, make sure to redact the health data within that application, as opposed to converting it to a word document. If an organization releases HIPAA-covered data, there are serious consequences.

2. Utilize review technology. Opioid litigation involves reviewing massive data sets. Discovery requests will likely target specialized information that could be lost in a sea of pharmaceutical data containing unique terms of art. Automated review technology is necessary to help streamline litigation and yield efficient results while meeting strict deadlines. Using predictive coding tools will create legally defensible and thorough processes that demonstrably reduce costs, while enhancing accuracy and consistency. For example, technology-assisted review (TAR) solutions have superior categorization capabilities based on a document training set. TAR can recognize relevant data and prioritize the most responsive documents for manual review. The TAR process helps eliminate less responsive documents that would waste the reviewer's time and money while adding no value to e-discovery compliance efforts and litigation strategy.

Continuous active learning (CAL) is currently the most sophisticated type of predictive coding technology. CAL can review data on a rolling basis, which is beneficial in an opioid litigation setting where new evidence can pop up frequently. Using this type of technology early on is helpful to get to the heart of the case, which then allows litigators to manage expectations, refine strategy, and advance settlement discussions. Other beneficial features of CAL include metrics reports, redaction assistance, and data organization. The benefits of using advanced technology with TAR capabilities in opioid litigation are paramount and produce improved outcomes.

3. Implement sound data security practices. Due to the increased amount of PII and PHI opioid litigation documents contain, safeguarding sensitive data is a top priority. Privacy obligations extend to anyone involved in the case—attorneys, support staff, clients, experts, courts, or third-party vendors. Organizations housing the sensitive data involved in these cases are higher risk targets for cyberattacks and should review internal and vendor security systems, protocols, and policies. When collecting e-discovery data in opioid litigation, organizations must know which data sets potentially contain sensitive information and take extra protective measures.

Security options can include encryption, VPN usage, multi-factor authentication, firewalls, intrusion detection software, restricted Internet/device access, enhanced building/device security, and using secured networks. Additional best security practices include updating obsolete systems and policies, performing continuous vulnerability assessments and remediation, offering regular security awareness training, and only using e-discovery vendors that employ superior security safeguards with the proper certifications. All of these actions help minimize the risk of losing, exposing, or compromising the sensitive data encountered in opioid litigation.

While taking these steps will help prevent a breach in most situations, cyberattacks and data-breaches can unfortunately still occur. To prepare for these situations and limit the fallout, organizations should have an incident response plan that outlines how to stop active breaches and mitigate damages. The response plan should identify the roles the e-discovery team members and determine what type of opioid litigation data is sensitive to breaches. Organizing training opportunities and mock data breach scenarios also helps prepare teams for potential attacks. If a breach compromises any sensitive information, organizations must act fast to save the data and notify affected individuals when mandated. Taking these measures will help prevent delays in the opioid litigation as well as reduce the risk of new litigation stemming from a data breach.

4. Become educated about relevant search criteria. Opioid litigation brings new types of technical language that lawyers may not understand. Working with pharmaceutical experts is crucial in order to learn the appropriate terms of art and identify which search criteria will yield relevant content. Consultation and collaboration between field experts and litigation teams will ensure that searches are effective.

To make these searches effective, the process will require both initial training and continuous review. A good practice is to create a search criterion manual containing all relevant terms, definitions, and their significance in opioid litigation cases. Organizations should also consider having their experts review e-discovery requests and responses before disclosure to ensure they have identified all relevant data and fully complied with the request.

5. Obtain forensic expertise. Data collection in an opioid case involves unique pharmaceutical data types like prescriptions, complex databases, development testing, and research studies. The data comes in many formats, is stored in several places, and can be both structured and unstructured. The majority of data will be nontraditional and require specialized collection methods and consultants that have forensic expertise in this field. Practitioners must first identify who has custody of the data and then determine appropriate collection methods. If using third-party vendors or consultant services, make sure their methods are secure (as discussed above). When requesting, collecting, or reviewing discovery data, it is important to focus the scope and identify trends in order to obtain the most relevant information.

The data review phase also entails transforming raw data into meaningful information that can support the case. In an opioid case, some common practices can include comparing data back-ups from different periods to prove that data points related to a test were manipulated or converting individual data points to aggregate totals in order to pinpoint trends. Results from marketing studies, product testing, and prescription trends could also be relevant to these cases and may require data transformation in order for the data to make sense and support case arguments.

Conclusion

Applying the above e-discovery habits to opioid litigation practice will help litigators gain a competitive edge and manage their cases more efficiently. Opioid cases bring new and unique challenges since there is an underlying national crisis that the country is in the process of combating and attempting keep people from harm. Keeping protected data safe from disclosure or cyberattacks at every stage of the process is of critical importance to avoid HIPAA violations and other liability. Using advanced review technology and consulting field experts crucial to getting a grasp on the case, promoting settlement negotiations, and maintaining e-discovery compliance. Taking these extra steps will undoubtedly create improved outcomes and make the process smoother.

Samantha Green, Esq. serves as the Manager of Thought Leadership for Epiq, in which capacity she serves as a subject matter expert on all aspects of electronic discovery and data privacy law, drawing on her more than fifteen years of litigation and consulting experience.