For noncompete and trade secret lawyers in the healthcare industry, the recent Michigan Court of Appeals case of Isidore Steiner, DPM v. Bonanni highlights the importance of understanding applicable state privacy laws as well as the federal Health Insurance Portability and Accountability Act (HIPAA).

In Steiner, the plaintiff claimed that the defendant (a former employee) stole its patients after separating employment. The plaintiff moved to compel the former employee to provide his patient list in discovery, but the trial court denied the motion. Even though the plaintiff claimed it needed the patient list to prove elements of its case and the amount of damages, the Court of Appeals subsequently affirmed. The Court of Appeals reasoned that, while HIPAA asserts supremacy over state law, it allows for the application of state law regarding physician-patient privilege if the state law is more protective of patients’ privacy rights. The Court then observed that, unlike HIPAA, Michigan’s law does not provide for disclosure in judicial proceedings, does not authorize disclosure under a qualified protective order, and protects the mere existence of a physician-patient relationship from disclosure. Thus, the Court held that Michigan’s privacy law was more restrictive than HIPAA, that it applied, and that it protected the names addresses, and telephone numbers of the defendant’s patients from disclosure.

Be sure to understand applicable state privacy laws in addition to HIPAA when analyzing your ability to obtain information in discovery to prove liability and damages.