Health Law Bulletin
Protecting Software in the Digital Age
University of New South Wales v Moorhouse;
APRA v Jain 17
Significant Increases in Damages Awarded by Courts in Sexual Harassment, Discrimination and Adverse Action
Claims - Richardson v Oracle Corporation Australia Pty Ltd;
Sagona v R & C Piccoli 20
What is your duty of care with clinical trials of innovative techniques
and therapeutic goods? 22
Late diagnosis and surgical complications
identifying relevant risk - is the radiologist liable for failing to diagnose?
Paul v Cooke 23
PROFILED LAWYERS 24
Welcome to the August 2014 edition of the Holman Webb Health Law Bulletin. Australia has been at the forefront in various areas of innovation in health and medical research.
This edition of the Bulletin focuses on innovation in the health, aged care and life science sector with articles on recent developments concerning health records, big data and privacy.
We trust that this edition of the Health Law Bulletin brings to you articles of relevance to the sector.
The health, aged care/retirement living and life science sectors form an important part of the Australian economy. They are economic growth areas, as more Australians retire with a significantly longer life expectancy and complex health care needs.
Against the background, Holman Webb’s health, aged care and life sciences team provides advice that keeps pace with the latest developments. Our team has acted for health and aged care clients over a number of years, both in the “for profit” and the “not for profit” sector.
Our team includes lawyers who have held senior positions within the health industry. Maintaining his commitment to the industry, Dr Tim Smyth has recently been appointed as a Director of the Australasian College of Health Service Management (ACHSM).
Please do not hesitate to contact me or any member of our legal team should you have any questions about the Health Law Bulletin content and articles or if one of your colleagues would like to be added to our distribution list.
Alison Choy Flannigan
Health, aged care and life sciences Holman Webb Lawyers
T: (02) 9390 8338 M: 0411 04 9459
Moving from the PCEHR to the MyHR raises issues
By Dr Tim Smyth, Special Counsel
Next year is likely to see some significant steps forward for the national ehealth system following the release of the report of the review of the Personally Controlled Electronic Health Record (PCEHR)1 by the Commonwealth Minister for Health in May. The review undertaken over 6 weeks in late 2013, and headed by Richard Royle, Executive Director of UnitingCare Health (Qld), made 38 recommendations.
Consultations on the report are underway and decisions on the next steps are expected by March 2015. Continued funding in 2014/15 for the PCEHR has been confirmed. The Department of Health has also released discussion papers on the inclusion of pathology and imaging reports in the PCEHR.
One of the review team members, and past President of the AMA, Dr Steve Hambleton has been appointed Chair of the National eHealth Transition Authority (NeHTA).
The key recommendation of the review is to continue the PCEHR but move from the current “opt in” model to an “opt out” model, renaming the system My Health Record (MyHR). The report also recommends that responsibility for the operation of MyHR should move from the Department of Health to the Department of Human Services.
Other interesting review recommendations include:
automatic inclusion of a default set of core information;
increasing the clinical value and usability of MyHR;
retaining options for consumer control;
revised governance, with replacement of NeHTA with a new Australian Council on eHealth (ACeH) and membership of the Council being users of MyHR, rather than jurisdiction representatives;
flagging on MyHR where a consumer has withheld information or has restricted access, but the flag is only visible to the “author” of document;
adopting a model of decentralised repositories and greater involvement of the private sector;
incentives and penalties to increase content and ensure compliance with standards;
expand medications to include over the counter items;
standardised secure messaging across health;
SMS to consumers if their MyHR is accessed; and
single “sign on” capability across systems.
The PCEHR officially commenced on 1 July 2012. It currently has MBS and PBS claims data, public hospital discharge summaries, child immunisation data, shared health summaries, events summaries, some medication history and a facility for a consumer “diary”.
The launch was deliberately “soft” and a major criticism of the PCEHR has been its limited use, content and coverage to date. By June 2014 over 1.6 million people had registered for their PCEHR.
The core legislative framework for the PCEHR is:
Healthcare Identifiers Act 2010 (Cth) and Healthcare Identifiers Regulations 2010 (Cth);
Personally Controlled Electronic Health Records Act 2012 (Cth) and Personally Controlled Electronic Health Records Regulation 2012 (Cth);
PCEHR Rules 2012;
PCEHR (Participation Agreements) Rules 2012 (Cth);
PCEHR (Assisted Registration) Rules 2012 (Cth); and
PrivacyAct 1988 (Cth) including the Australian Privacy Principles.
The System Operator is the Secretary of the Commonwealth Department of Health. The System Operator has a contract with Accenture for many functions (National Infrastructure Operator) with other functions delivered by Medicare and the Health Identifier Service in the Department of Human Services.
Moving from an opt in to an opt out model with the MyHR, and implementation of other recommendations will require legislative change with amendment or replacement of the PCEHR Act, regulations and rules. The Participation Agreement will need review to both reflect changes and simplify the agreement for health care providers. Medical defence organisations are likely to seek stronger “acting in good faith” protections.
While there has been a lot of debate and discussion, there have been very few actual legal problems to date with the PCEHR. However, it is early days and usage of the PCEHR remains low. There have been some errors in patient clinical information uploaded to the PCEHR and medical defence organisations are maintaining a watching brief.
Looking forward, while debate on privacy and consent issues will undoubtedly continue, other legal issues are likely to emerge.
With a more decentralised system of repositories and greater involvement of private sector entities in the operation of the MyHR system, the number of “players” and contractual relationships will grow significantly. This is likely to raise contractual and liability legal issues, including:
governance of “private” repositories;
privity of contract;
privacy and security obligations to other parties; and
the implications if a party wants to withdraw.
The recent Expression of Interest for external processing of MBS and PBS claims, important core information in the MyHR, adds to the potential contractual complexity.
With a more clinically useful MyHR, almost universal coverage, more users, more contributors and easier access and download of contents, intellectual property is likely to emerge as a legal issue. Currently, providers grant a licence to the System Operator under the Participation Agreement to use the information provided to the PCEHR and permit authorised users to download the information and incorporate it into their local systems.
Improving the current PCEHR and making the MyHR more useful for health professionals in their assessment and treatment of their patients creates another interesting legal tension in relation to the common law duty of care.
As utility improves, the MyHR increases in clinical value and more people are using the MyHR, it becomes usual practice. Courts look to what is usual practice and with the “Bolam” principle applied in professional negligence litigation, a failure to use the MyHR, or to upload information into the MyHR, may lead to findings of a breach of duty of care.
The PCEHR review proposes a mix of “carrots” and “sticks” to encourage use and ensure compliance with standards. Options canvassed in the review report include MBS and PBS payments becoming contingent on uploading information to MyHR and to repositories and/or using electronic systems and messaging. The review suggests that a starting point might be ePIP, care plans, telehealth, e-prescription and home medication review payments.
Is your Data Secure? Privacy Case Update - Cupid Media and Pound Road Medical Centre
The Commissioner also found that Cupid had failed to have systems or procedures in place for destroying or permanently de- identifying customers’ information that it no longer needed. At the time of the breach, it was thought that the hackers may have gained access to the accounts of 42 million users. Cupid stated that a lot of this information was junk or pertained to duplicate user accounts. The Commissioner held that Cupid ought to have
had a system in place which allowed it to destroy or de-identify
By Alison Choy Flannigan, Partner and Sandra Ivanovic, Senior Associate
Two recent cases before the Australian Privacy Commissioner (Commissioner) serve as a reminder to organisations of the importance of keeping personal information of clients secure and adequately disposing of information that is no longer in use.
Australian Privacy Principle 11 of the Privacy Act 1988 (Cth) (Privacy Act), which applies to the Australian private sector, requires an entity to:
“take such steps as a reasonable in the circumstances to protect information:
from misuse, interference and loss; and
from unauthorised access, modification or disclosure.”
Both Cupid Media Pty Ltd (Cupid) and Pound Road Medical Centre (PRMC) were recently found by the Commissioner to be in breach of the previous National Privacy Principle 4, which required organisations to take reasonable steps to keep personal (including sensitive) information of its clients secure, and destroying or de- identifying information that is no longer required.
These cases were considered on the PrivacyAct prior to amendments which came into effect in March 2014.
Cupid Media Pty Ltd2
Cupid, which operates over 35 niche dating websites, was held to have breached the Privacy Act by failing to take reasonable steps to protect the personal information of approximately 254,000 Australian users held on its websites. In January 2013, hackers gained access to Cupid’s webserver where it stored users’ passwords in unencrypted cleartext. The hackers stole an array of customer personal information, including full names, email addresses and passwords and dates of birth. The stolen information also included sensitive information pertaining to individuals’ sexual orientation.
In making his decision, the Commissioner took into account the volume and the sensitivity of the information that Cupid collected and the likely impact on the individuals affected by the security breach. The Commissioner found that more stringent steps are required of organisations which handle sensitive information than are required of organisations which do not hold such information. Cupid had failed to take reasonable security steps through its failure to encrypt the stored passwords of its customers.
information that it no longer required or used.
The Commissioner found that Cupid had acted appropriately in responding to the data breach. Cupid identified that the ColdFusion vunerability caused the data breach. Once the vulnerability was identified, Cupid immediately obtained and applied the patch released by the ColdFusion developer on all its services to fix the vulnerability. Cupid also works with an external ColdFusion security contractor to ensure the vulnerability had been successfully patched and that the then current ColdFusion installation met best practice standards.
Cupid then sent a notification to all affected users, analysed service logs and tracked the hack method to ensure the breach had been contained and conducted scans of servers and engaged a security team which conducted a full audit of Cupid’s servers and confirmed that all threats had been removed.
Pound Road Medical Centre3
In July this year, the Commissioner found PRMC to be in breach of the Privacy Act by failing to take reasonable steps to secure sensitive medical records.
PRMC had stored medical records of approximately 960 patients in a locked garden shed at the rear of premises which were no longer occupied or used by them. In November 2013, the shed was broken into and the security of the records was compromised. The garden shed door was locked with three padlocks.
The Commissioner noted the seriousness of the breach, as health information is sensitive information and requires a higher level of privacy. The Commissioner stated that the Privacy Act requires organisations to take reasonable steps to protect the personal information of their customers. Further, the Commissioner did not consider there to be any circumstances in which it would be reasonable to store health records or any sensitive information, in a temporary structure such as a garden shed.
Most of the records held at the shed related to patients who had visited the centre prior to 2004. Since then, PRMC had moved to storing the medical records electronically, using software called ‘Medical Director’. It had however failed to take reasonable steps to destroy or de-identify records that it no longer used, which is a requirement of the Privacy Act.
2 Cupid Media Pty Limited: Own motion investigation report  AICmrCN 3 (25 June 2014) 3 Pound Road Medical Centre – Own motion investigation report July 2014
Lessons for organisations
Both Cupid and PRMC demonstrate the importance of organisations remaining vigilant about the security of personal information they hold, particularly where that information includes sensitive information. Organisations must take reasonable steps to secure and prevent unauthorised access or use of personal information, including
Big data, health records and privacy – the Big Data Debate By Alison Choy Flannigan, Partner
What is “Big Data”?
destroying and de-identifying information that is no longer required.
Reasonable steps will depend on the circumstances, however organisations must:
have strategies and procedures which allow it to monitor the security of the systems it has in place;
regularly audit the systems to ensure their security and address any vulnerabilities;
adhere to procedures they have in place; and
ensure that they take reasonable steps to destroy and de-identify information that they no longer use.
The Privacy Act applies to all businesses which provide a health service to an individual and hold health information except in an emplyee record. The obligation on organisations to take reasonable steps to protect personal information from misuse, interference and unauthorised access and take such steps as are reasonable in the circumstances to destroy the information or to ensure that the information is de-identified continue under Australia Privacy Principle 11.
Health providers must make adequate arrangements to store or destroy old records when they no longer require them and move location or transfer to electronic records.
Big data is a term used to describe the exponential growth and availability of data, both structured and unstructured.4
In terms of health care, big data represents all of the data which has been collected on relevant multiple databases and can include:
government information from Medicare and pharmaceutical benefit claims and births, deaths and marriages;
compensation claims such as motor vehicle claims and workers compensation;
early childhood screening records;
private health insurance records;
medical records kept by healthcare practitioners such as medical practitioners, pharmacies, dentists and allied health practitioners, and
the personally controlled electronic health record.
As our systems become automated and our records electronic, the amount of big data which has been generated has grown and will continue to grow.
What is the debate about?
A debate has developed in relation to whether or not researchers should have open access to big data to improve healthcare delivery and outcomes.
The affirmative case
“To realise and harvest the potential for big data to improve healthcare delivery and outcomes we need open data.”
There is no doubt that big data, provided that it can be appropriately harnessed and analysed, has huge potential in relation to:
Health care planning – understanding changes in demographics such as the location and age of a population enables better health care planning;
4 Available at http://www.sas.com/en_us/insights/big-data/what-is-big-data.html (15 August 2014)
Personalised medicine – The way genes interact with each other can sometimes predispose us to developing particular diseases. Scientists have identified specific links between genes and some diseases as well as between genes and the effectiveness of some medicines or treatments. ‘Personalised medicine’ (also known as stratified or precision medicine) uses this knowledge of genetics to predict disease development, to influence decisions about lifestyle choices or to tailor treatment to an individual;5 and
Health and medical research – data is an essential tool for all types of health and medical research, from the development of new drugs and medical devices, to innovative surgical and treatment techniques as well as preventative medicine.
Big data enables standardisation of the practice of medicine and collaboration.
More and more hospitals are retaining databases and linking them. Data can be de-identified and made available to researchers. A challenge for big data is building the tools to enable the data to be appropriately analysed.
The negative case
“There is no issue with using my data which I have agreed to provide to research, the issue is using my data without my consent. I have an illness but that is my business. I am worried that people will treat me differently if they know and I will lose my job.”
The main concern about big data is about privacy and human rights.
In many cases there is no such thing as truly de-identified data because the data needs to be checked and audited. Often data is “de-identified” and sent to researchers with the patient identified by a code, however, the collecting agency, such as a hospital, retains the “key” to correlate the code to a particular patient.
The negative case does not dispute the benefits, however, requires appropriate accountability and governance to be put in place to protect the privacy of individuals.
Sometimes, data is transferred without appropriate ethical approval and consent of the individual concerned.
Data can be abused when people are discriminated against on the basis of their health information, for example, in relation to life insurance and employment applications.
If we abuse big data, we will lose it.
The general consensus is that big data provides to us opportunities, however, the challenge is to be able to analyse the data and to ensure that there is a balance of privacy protection and ethical review.
Holman Webb sponsored and the writer chaired a big data debate session at the Big Data Conference in April 2014 convened by the Health Informatics Society of Australia. The writer acknowledges the valuable contribution of the panellists in that debate which contributed to this article.
5 Available at https://www.nhmrc.gov.au/your-health/genetics-and-human-health/genetic- testing-and-applications/personalised-medicine (15 August 2014)
Australian Clinical Trials & Research 101
By Alison Choy Flannigan, Partner
If a researcher, health and medical research institute, pharmaceutical, medical device and/or biotechnology company wishes to become involved in clinical trials and/or health and medical research in Australia, they should be aware of the legislative, regulatory and policy framework, noting that not all health and medical research is a clinical trial.
Therapeutic Goods Administration (TGA)
Section 1: Values and principles of ethical conduct;
Section 2: Themes in research ethics: risk and benefit, consent;
Section 3: Ethical considerations specific to research methods or fields;
Section 4: Ethical considerations specific to participants; and
Section 5: Processes of research governance and ethical review.
To meet TGA requirements, the clinical trial requires a ‘sponsor’
that is an Australian entity, which can be an organisation or an
Firstly, clinical trials conducted using ‘unapproved therapeutic goods’ in Australia – that is, goods that have not been evaluated by the Therapeutics Goods Administration (TGA) for quality, safety and efficacy and entered into the Australian Register of Therapeutic Goods (ARTG) for general marketing – are required to comply with the Clinical Trial Notification (CTN) or Clinical Trial Exemption (CTX) schemes.
When a Sponsor completes the CTN/CTX form they agree to a number of requirements, including complying with:
Guidelines for Good Clinical Practice, as described in regulation 12AB(2)(a) of the Therapeutic Goods Regulations 1990 (Cth) (Therapeutic Goods Regulations);
the National Statement on Ethical Conduct in Research Involving Humans, as described in regulation 12AD(c) of the Therapeutic Goods Regulations or in regulation 7.3(2a) of the Therapeutic Goods (Medical Devices) Regulations 2002 (Cth); and
the Guidelines for Good Clinical Practice.
The Therapeutic Goods Administration has published the Australian Clinical Trial Handbook which is available at: http://www.tga.gov. au/pdf/clinical-trials-handbook.pdf. The handbook is a simple, practical guide to the conduct of clinical trials to International standards of Good Clinical Practice in the Australian context.
This document summarises clinical trial documentation requirements, including the development of the Clinical trial protocol.
The sponsor of the trial also agrees to report all serious and unexpectedadversereactionstotheTherapeuticGoodsAdministration.
National Health and Medical Research Council
individual. The sponsor is responsible for the trial, including in relation to indemnity and insurance.
If the entity that wishes to conduct the trial is an overseas entity, then they will need to contract with an Australian entity to be the sponsor.
Organisations which provide these services are often called “contract research organisations” (or CROs).
Indemnity and Insurance
In Australia, industry generally accepts the Medicines Australia indemnity and compensation guidelines available at: http:// medicinesaustralia.com.au/issues-information/clinical-trials/ indemity-and-compensation-guidelines/ (or the Medical Technology Association of Australia equivalent for medical devices).
Under the compensation guidelines, compensation should be paid when, on the balance of probabilities, the injury was attributable to the administration or use of a product under trial or any clinical intervention or procedure provided for by the protocol that would not have occurred but for the inclusion of the Subject in the trial.
Please note that the test for the payment of compensation under the guidelines is not negligence and standard professional indemnity insurance may not cover liability to make a payment of compensation under the guidelines. Sponsors must procure clinical trials insurance which is consistent with the indemnities and compensation provided to institutions and study participants. The limit of insurance differs from State to State with $10 million per occurrence and in the aggregate per annum in Victoria and
$20 million per occurrence and in the aggregate per annum in New South Wales (however this can be reduced upon risk
(updated)ispublishedbytheNationalHealthandMedicalResearch Council (NHRMC) at: https://www.nhmrc.gov.au/guidelines/ publications/e72 and covers:
There is a common misconception that standard professional
indemnity insurance and public liability and products liability will cover clinical trials.
The standard clinical trial research agreements adopted by public hospitals in New South Wales, Victoria and Queensland are those published:
by Medicines Australia, in relation to pharmaceutical investigational
All States and Territories have policies which apply to public hospitals in relation to clinical trials and research. Private entities would have their own policies.
products, available at: http://medicinesaustralia.com.au/issues-
by the Medical Technology Association of Australia, in relation to medical devices, available at: http://www.mtaa.org.au/policy- initiatives/clinical-investigations.
There are different agreements depending upon the Study, including for:
non-commercial collaborative groups;
investigator initiated trials; and
Phase IV clinical trials (involving “on-market” therapeutic goods for their approved purpose).
If you use the standard documents and forms, the process is streamlined.
EachStateandTerritoryhasanethicsapprovalprocess,information on which is available at: http://www.australianclinicaltrials.gov.au/ node/56
The Ethics Committee must be NHMRC approved.
New South Wales, Queensland and South Australia have systems in place for intra-state single ethical review of health and medical research inclusive of clinical trials. Victoria has a system limited to single ethics review of multicentre clinical trials.
The Victorian and Queensland Departments of Health and the New South Wales Ministry of Health have signed a Memorandum of Understanding (MOU) and have introduced mutual acceptance of ethical and scientific review in public hospitals for multicentre clinical trials being conducted in more than one of these States.
Researchers and sponsors must comply with all relevant Australian
Before engaging in research, we suggest that you discuss the proposal with the sites well in advance. The research governance officers are generally available to assist researchers with their inquiries.
The writer is the preferred legal advisor on clinical trials research and governance for many NSW public hospitals. In the past and present she has been appointed to various research ethics committees. She was formerly company secretary of Research Australia and has recently been appointed company secretary of the National Foundation for Medical Research and Innovation.
The mission of the Foundation, formerly known as Sydney Foundation for Medical Research, is to “to advance innovations in medical research related to the nature, prevention, diagnosis, treatment and incidence of disease and other health problems that have a significant impact
on the health of humans”, with a focus on advancing medical
The standard forms to apply for a clinical trial to occur at a site are:
The National Ethics Application Form (known as the ‘NEAF’), available at: http://www.australianclinicaltrials.gov.au/node/38; and
The Site Specific Assessment Form (check with each Site).
innovations and enabling collaborations.
Transition to Primary Health Networks – Some legal issues for the journey
Many organisations in the health, aged care and life sciences sector have funding agreements with the Commonwealth. Reduction of funding, non-renewal or termination of the agreement is a risk that needstobemanaged.WhilethisarticlefocusesontheCommonwealth’s decision to transition from Medicare Locals to Primary Health Networks,
the legal issues remain relevant to all organisations with significant
By Dr Tim Smyth, Special Counsel
Some suggested key tasks
monitor liquidity and ensure solvency is maintained during the transition;
get the “house in order” now:
ensure all employment contracts and their terms are known;
update the contracts register;
identify any valuable IP and IP licences;
ensure all obligations on termination of funding are documented now;
calculate liabilities on termination and revise monthly;
review options for post termination and decide whether winding up is to be the preferred outcome;
negotiate a Termination Deed with the Commonwealth;
ensure all tax and superannuation obligations are met;
review insurances and obtain run off cover;
comply with company constitution and governance requirements;
consult with staff and comply with redundancy obligations;
remember notification obligations to the ACNC; and
review key company records and determine post termination management and storage.
funding from the Commonwealth.
The Commonwealth Minister for Health announced in May 2014 that the Government had accepted the recommendations of the review of Medicare Locals by Professor John Horvath AO (Horvath Report6) and would invite proposals to establish a smaller number of larger Primary Health Networks (PHN) in 2015.
As this issue of the Health Law Bulletin goes to press, the announcement of the actual number and geographical boundaries for the new PHNs is awaited. The Request for Tender (RFT) seeking proposals to operate a PHN is expected to be released in November 2014. The Commonwealth Department of Health has advised that they anticipate a decision being made by March 2015 with a three month transition period ahead of the new PHNs commencing operation on 1 July 2015. The current 61 Medicare Locals were advised by letter in May that the Commonwealth intended to terminate their funding deeds at the end of the 14/15 financial year.
Medicare Locals (ML) are companies limited by guarantee incorporated under the Corporations Act 2001 (Cth). The majority of their funding is under a funding deed with the Commonwealth Department of Health.
While primarily a policy decision of government and not requiring any legislative action for implementation, the transition to PHNs does raise some important legal issues for all parties involved – Medicare Locals, the Commonwealth and the new PHNs.
These issues include:
Funding deed termination process and timing;
Liabilities on termination;
ML Directors’ duties;
Redundancies and transition of work under the Fair Work Act 2009 (Cth) (Fair Work Act);
Options for MLs to continue post termination;
Winding up process if this is the preferred option;
Intellectual property; and
Charitable status of MLs and PHNs.
6 Review of Medicare Locals. Report to the Minister for Health and Minister for Sport. Professor John Horvath AO 4 March 2014. http://www.health.gov.au/internet/main/ publishing.nsf/Content/review-medicare-locals-final-report
Funding deed termination process and timing
While the Commonwealth Department of Health has confirmed that it intends to terminate the funding deeds using the termination for convenience provision, this notice has not yet been issued and its timing remains uncertain.
Until the termination notice is issued and the date of actual termination is known, MLs are required to continue their operation and provision of services under the funding deed. The Commonwealth will, understandably, want to have the new PHNs agreed and in place well ahead of the actual termination to ensure a smooth transition.
While MLs can advise their staff, subcontractors, landlords and partner organisations that termination of funding from the Commonwealth will occur in 2015, they are unable to confirm an actual date and issue formal legal notices. As outlined later in this article, the process for notifying staff will affect redundancy liabilities. Notice provisions in office leases, equipment leases, subcontracts and other contracts will vary. Compliance with, and the timing of, these notice provisions will also affect the liabilities and obligations of the respective parties.
As the government wishes to have an open and contestable process open to the private sector for ownership and operation of the new PHNs, it is possible that a new PHN may not want to transition staff, premises, contracts and other operations of a ML to the new PHN. This presents another timing issue, uncertainty and potential liquidity problem for MLs.
Liabilities on termination
Determining the nature and quantum of liabilities on termination is not a simple exercise. Again timing of the notice of termination and the actual date of termination will be a critical factor.
In addition to careful calculation of redundancy payments, accrued annual leave liability and triggering of long service leave payment obligations,7 MLs will need to review every lease, contract and other agreement to determine the ability to terminate and liabilities.
Negotiations with the new PHN (if established) will be required to determine what programs, staff, premises and equipment will be transferring to the new PHN and the extent to which the PHN will also take over payment liabilities associated with this transfer. The consent of the Commonwealth may also be required for some transfer issues.
Under some programs MLs pay health professionals for services provided to patients under referrals from general practitioners. The ML receives invoices from the health professional, often many weeks or months after completion of the services. Calculating liabilities for this payment obligation will be difficult due to the lag in receiving invoices, the obligation of the ML to honour referrals by GPs under the program prior to termination and uncertainty over whether the Commonwealth will require the new PHN to assume this liability.
The termination for convenience clause triggers an obligation on the Commonwealth to meet ML costs arising from the termination. However, this obligation is limited to “reasonable costs”, “unavoidably incurred” and “directly related” to the termination. The Commonwealth’s liability is also capped to the remaining unpaid funding. Each of these limitations raise important timing and legal issues for MLs.
The current funding deed also provides that on termination the Commonwealth can require MLs to return unspent funds and pay the Commonwealth the undepreciated value of assets acquired using Commonwealth funds. These provisions raise potential liquidity issues for MLs.
MLs will need to be able to clearly establish their liabilities and ensure that they are accepted and funded by the Commonwealth on termination. A formal Deed of Termination should be agreed by the ML with the Commonwealth.
7 It is important to note that long service obligations are under State and Territory legislation, not the Fair Work Act and that these vary from State to State.
ML Directors’ duties
Redundancies and transition of work under the
Fair Work Act
Medicare Locals are public companies incorporated under the
Corporations Act. A core duty of Directors under the Act is to ensure that the company does not trade while insolvent or place itself in a position where it is likely to be unable to pay a debt when due and payable.
The process to establish and transition to PHNs creates significant uncertainty and reinforces the need for Directors to pay close attention to liquidity and projected liabilities on termination of the funding deed. Boards should now require a monthly report on projected liabilities, cashflow and liquidity.
Exploration of options for the company post termination must also ensure that sufficient funds will be available to enable the company to operate under the preferred option.
The uncertainty also raises issues for the audit and Director’s signoff of the 13/14 financial statements. Following requests from ML Boards, the Commonwealth has recently provided a “letter of comfort” that will enable auditors and Directors to sign off on these financial statements. These issues will arise again in relation to the 14/15 financial statements.
Directors will also have governance obligations during the transition process under their company constitution and the Corporations Act. Annual General Meetings will need to be held and provisions regarding Director retirements and elections complied with. If there are procedural and other obstacles in the current constitution, now is the time to get member approval for amendments.
Decisions to continue operation post termination of the funding deed, to change the name of the company, to transfer assets to the new PHN or other organisations and/or to wind up the company will also require approval of members of the company.
Directors also need to ensure that the company meets all of its taxation, employer and contractor superannuation and workers compensation insurance payment obligations throughout the transition process. A failure to do so can make Directors and officers personally liable for these payments.
Insurances should also be reviewed to ensure that coverage during and after the transition will continue. Run off cover for claims made policies will be required. Directors and Officers insurance should be reviewed. Under some insurance policies there may be a duty to notify the insurer of the Commonwealth’s intention to terminate the funding deed.
Medicare Locals have a wide range of employment instruments. Some have enterprise agreements, some employ under the Modern Awards and others have common law employment contracts incorporating provisions of modern awards, all underpinned by the National Employment Standards (NES).
The mix of staff also creates different potential liabilities on termination. Some staff will have transferred to the ML from a former Division of General Practice. Some staff may have had their previous service recognised for annual leave, long service leave, notice and/or redundancy purposes, while others will be new employees with only a short period of service.
There are also a variety of contract terms – some are styled “fixed term”, some will have clauses seeking to provide an ability to terminate if funding ceases, some styled “maximum duration” and some styled “casual”. MLs should obtain legal advice before giving notice of termination to ensure compliance with contract provisions and to avoid triggering an unintended redundancy payment or an unfair dismissal claim.
Each of these scenarios generate different redundancy and notice liabilities. Each also raises different issues in relation to offers to staff to transfer to the new PHN or acceptance by ML staff of positions elsewhere ahead of, or soon after, termination.
It is essential that MLs have an accurate register of each employment contract, its terms regarding notice of termination by the employer for reasons other than misconduct, recognition of prior service and intended termination date or event.
Modern Awards and enterprise agreements will also require consultation with affected employees and in some cases, unions. Compliance with these consultation obligations is important to ensure a genuine redundancy defence can be maintained in an unfair dismissal claim.
The former “transmission of business” concept and process under the Workplace Relations Act 1996 has now been replaced with the concept of “transfer of work” under the Fair Work Act. To avoid triggering a redundancy payment obligation, the ML employee will need to accept an offer of employment from the new employer for a role which is the same, or is substantially the same as the ML role, on terms which overall are no less favourable.
A “fixed term” contract with a provision enabling the employer to terminate if funding ceases may still give rise to a redundancy payment obligation.
Accurate estimation of redundancy payment obligations and other termination payments (including notice, accrued annual leave and crystallised long service leave payments) is essential as these payments are likely to be a major component of the company’s liabilities on termination of the funding deed by the Commonwealth.
MLs will also need to ensure that they comply with their legal obligations for staff who may be on maternity leave or being treated for a workplace injury.
Options for MLs to continue post termination
While the general assumption has been that each ML will wind up and cease to operate, each company will need to give careful consideration as to whether this is the best option to take.
The response to the Commonwealth PHN RFT process, the decisions to accept proposals submitted and the process for establishing new PHNs and the transition from the MLs are factors that will inform the options available.
Some MLs have other sources of funding from State Government agencies, other organisations and internal business operations. This funding may continue and enable the company to confidently continue.
Until the landscape becomes clearer in 2015, MLs may have a range of options in addition to winding up. These include:
successful submission in the RFT process and operating a new PHN with a change of company name;
becoming a member organisation of the new PHN company;
subcontractor to the new PHN;
continuing under a new name with existing other funding; and
reinventing the company and operating a new business.
One or more of these options might also involve a merger with other Medicare Locals.
Each option will require a considered business case and Directors will need to ensure that the company constitution enables the option to be pursued, the option provides sufficient certainty to maintain solvency, the business case covers liabilities and obligations, third party consent requirements and applicable regulatory requirements.
Winding up if this is the preferred option
For many MLs, ceasing operations and winding up will end up being the preferred option. Winding up will have costs and will require the company to retain a skeleton staff and a Board until winding up is completed. These costs will need to be included in the Commonwealth funding of termination liabilities and the formal Termination Deed with the Commonwealth.
While liquidity issues may raise a need for the Board to consider voluntary liquidation and immediate appointment of a liquidator, a suitable Termination Deed with the Commonwealth should enable an orderly winding up of the company.
Each ML will need to review its constitution to determine procedural requirements to obtain member consent to winding up. Where possible, a transfer of staff, assets and operations to the new PHN is desirable. After payment of remaining debts, the company should then have no assets or liabilities enabling, following approval by members, a simple de-registration of the company with ASIC.
If this is not achievable a formal liquidation of the company with appointment of a liquidator in accordance with the Corporations Act will be required.
An important issue that MLs need to address well ahead of winding up is the management and transfer or storage of the company records. These records will include governance records, financial records, employee records and, depending on the ML’s programs and services, patient and client clinical records.
There are a range of record retention requirements under tax law, employment law, privacy law and in some jurisdictions specific health records laws. In addition, professional and ethical requirements will require key records to be retained and stored. Directors and officers of the company may also need access to these records in the event of a claim or other legal issue arising after the termination of funding and winding up of the company.
The Commonwealth will not permit continuation of the use of the name “Medicare Local” after the transition to PHNs has been completed.However,underthefundingdeedwiththeCommonwealth, the ML retains ownership of all other intellectual property rights.
Some MLs will have created valuable IP that may have a commercial value to the new PHN and/or other organisations. While the Commonwealth has a non exclusive licence to use this IP if sourced from Commonwealth funds, the ML retains the underlying IP rights.
Many MLs have entered into licence agreements to use third party IP (eg health pathways software). MLs will need to carefully review the terms of these licences to determine what options, if any, exist to transfer these licences to a new PHN or other organisation and/or to continue use if the company decides not to wind up. Notice and termination provisions will also need to be complied with.
Charitable status of MLs and PHNs
Another important legal issue to be managed is the charitable status of MLs and the new PHNs, especially public benevolent institution (PBI) and/or health promotion charity (HPC) status and the capped FBT exemption giving staff the ability to salary package up to $30,000.
MLs are charities registered with the ACNC and any changes to name, officers, constitution or a decision to wind up has to be notified to the ACNC. MLs are PBI/HPCs and endorsed by the ATO for salary packaging purposes. As this is a capped FBT exemption, the usual timetable for confirming packaging structures is April to March rather than July to June to align with FBT reporting timeframes.
To maintain the salary packaging attraction for staff recruitment and retention, PHNs will also need to be registered as charities by the ACNC and have PBI/HPC status and ATO endorsement.
Registration as a charity with the ACNC can take a number of weeks. Now that the CharitiesAct 2013 (Cth) is in force for all Commonwealth laws, PHNs will have to successfully apply and obtain registration from the ACNC before they can be classed as PBI/HPCs and then obtain endorsement from the ATO for FBT and salary packaging purposes. ATO endorsement will also take some time.
Staff engaged by a PHN cannot retrospectively salary package, so for very practical reasons it is desirable that the PHN gets its ACNC registration and ATO endorsement before it employs any staff or accepts any ML staff.
Similarly, MLs that decide to wind down will need to take care that they are continuing to perform functions and provide services to GPs and primary health care until an agreed endpoint. Once they stop performing the functions and providing services, they are no longer charities and will have to notify the ACNC and be removed from the ACNC register. Hence the ML staff remaining at that time would lose their entitlement to salary package.
Careful management of this process will be required to avoid a scenario where there are ML staff who face receiving anATO amended assessment and tax bill sometime in 2016 when the transition is over and the ATO catches up with ACNC deregistration of the ML.
Disclosure of interest
The author is also Chair of the Eastern Sydney Medicare Local
Proposed retention laws
– an invasion of privacy?
A major issue also arises in relation to the interaction of the Government’s proposal and the operation of the Privacy Act 1988 (Cth) (Privacy Act). In a statement on 8 August 2014, the Australian
Privacy Commissioner raised its concerns surrounding the potential
By Alison Choy Flannigan, Partner and Joann Yap, Solicitor
The Australian Government announced on 5 August 2014 that it will introduce a suite of counter-terrorism measures to provide security agencies the resources and legislative powers needed to combat terrorism, whether within Australia or carried out by Australians overseas. In addition to legislative measures to toughen national security laws, the Government has stated its intention to ‘update’ Australia’s telecommunication interception law while balancing the new powers with ‘proper oversight to protect the individual rights of Australians, including their right to privacy’, by increasing resources of the independent Office of the Inspector-General of Intelligence and Security.8
The Prime Minister and National Security Committee of the Cabinet have commissioned the Attorney General to prepare relevant legislation, which will likely include amendments to the Telecommunications (Interception and Access) Act 1979 (Cth). Legislation for a system of mandatory data retention has been approved in principle and will be introduced into Parliament later this year, with both the Prime Minister and Attorney General indicating that telecommunications providers and other relevant stakeholders will be consulted.9
If the proposed laws are passed, internet service and telecommunications providers including iiNet, Optus, Telstra and others would be required to store their users’ metadata. Metadata is the background footprint indicating a user’s activities when using information technology, for example, browsing history, including websites visited and pages read, time and length of phone calls, location of the person using the device and email addresses. There is currently no definition of metadata under Australian telecommunications law10 and it is therefore unclear what type of information would be retained, although the Prime Minister has stated content generated by users will not be included.11 Furthermore, it is uncertain whether the Government will act in accordance with a previous recommendation of the Parliamentary Joint Committee on Intelligence and Security that any data retained should be for no more than two years.12
for the retention of large amounts of data to contain a great deal of ‘personal information’ under the Privacy Act, and in particular the Commissioner’s concerns that an extended length of time in which the personal information is retained will increase the risk of a data breach. Health service providers should take note the Commissioner’s particular emphasis that organisations holding personal information need to comply with all their obligations under the Privacy Act, including the ‘requirements to protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure’.13
Australian Privacy Principle 6 of the Privacy Act does permit the disclosure of personal information if required or authorised by an Australian law or a court/tribunal order, Governmental authorities such as the police already have rights to access certain information pursuant to search warrant. The proposed laws will require telecommunications companies to retain such information. The Government’s proposal is in its early stages. Issues with the proposal are:
Balancing the risk of breaches to national security against the right of the individual.
Who is going to pay for the data retention costs?
What health information will be required to be retained?
Who will have access to the information once the data is stored.
Prime Minister’s Office, New Counter-Terrorism Measures for a Safer Australia (5 August 2014) http://www.pm.gov.au/media/2014-08-05/new-counter-terrorism-measures-safer-
australia-0 (8 August 2014).
Prime Minister’s Office, Joint Press Conference, Canberra (5 August 2014) http://www.
pm.gov.au/media/2014-08-05/joint-press-conference-canberra-0 (8 August 2014).
See the Telecommunications (Interception and Access) Act 1979 and
Telecommunications Act 1997.
Prime Minister’s Office, Interview with Michael Brissenden, ABC AM (6 August 2014)
Parliament of Australia, Report of the Inquiry into Potential Reforms of Australia’s
National Security Legislation, p. 192 (May 2013) < http://www.aph.gov.au/parliamentary_ business/committees/house_of_representatives_committees?url=pjcis/nsl2012/report/ chapter%205.pdf> (8 August 2014).
Timothy Pilgrim, Office of the Australian Information Commissioner, Australian Government’s data retention proposal – statement (8 August 2014) <http://www.oaic. gov.au/news-and-events/statements/privacy-statements/australian-governments-data- retention-proposal/australian-government-s-data-retention-proposal> (8 August 2014).
ACNC abolition remains on government’s agenda
Of interest, the Options Paper canvasses the possibility that charities that are currently also required to provide reports to other Commonwealth regulator agencies (in addition to the ACNC, ASIC
and ATO) may not have to continue reporting the same information
By Dr Tim Smyth, Special Counsel
An Options Paper released by the Department of Social Services last month confirms the government’s intention to abolish theAustralian Charities and Not-for-profits Commission (ACNC), returning some of the regulatory functions to the ATO and ASIC and supporting a self-reporting public accountability framework. The submission period for comments on the July Options Paper14 closed on 20 August 2014.
The Government introduced the Australian Charities and Not-for- profits Commission (Repeal) (No.1) Bill 2014, into the House of Representatives on 19 March 2014. This Bill repeals the Australian Charities and Not-for-profits Commission Act 2012 (Cth), but did not specify replacement arrangements. Parliamentary consideration of the Bill has not progressed further. The Options Paper advises that consultation on the paper will help inform drafting of the Australian Charities and Not-for-profits Commission (Repeal) (No.2) Bill 2014, to be introduced into the Parliament later this year.
The Options Paper outlines four components of the proposed replacement arrangements:
Self-reporting requirements to ensure public accountability for charities’ operations.
Returning determination of charitable status to the ATO with a framework in place to ensure independence of decision making.
A proportionate compliance framework that would leverage existing powers.
Appropriate transitional arrangements to provide certainty for the sector.
The government is proposing that charities will be required to maintain a publicly accessible website that includes:
the names of responsible persons;
details of all funding received from government (including Commonwealth, State and Local government);
financial reports; and
other information that the charity chooses to have on the website. Charities currently exempt from providing financial reports to the
ACNC (eg small charities and some religious charities) would
retain that exemption.
For charities that are companies incorporated under the Corporations Act, all reporting requirements to ASIC under the Corporations Act will be reinstated.
Options Paper – Australia’s Charities and Not-for-profits. Options for Replacement Arrangements following the abolition of the Australian Charities and Not-for-profits Commission. July 2014. Available at www.dss.gov.au.
to multiple Commonwealth agencies.
Determination of charitable status would return to the Australian Taxation Office. The Options Paper proposes that a dedicated function for this would be established within the ATO. The Options Paper sought comment on two options for initial review of ATO decisions on charitable status. One option proposed is an independent panel including external experts and ATO officers. The second option is establishment of a separate review function within the ATO.
Under either option, charities dissatisfied with decisions of the ATO on charitable status would have a right of appeal to theAdministrative Appeal Tribunal.15
ATO, ASIC and other Commonwealth regulator enforcement powers in relation to charities would continue. The Options Paper noted that the ATO has extensive enforcement powers, ASIC has powers to require removal of responsible persons and State and Territory charities regulators will continue to have monitoring and enforcement powers. Collectively, these are felt to be sufficient to address potential misconduct by charities.
The Options Paper proposes that in relation to self-reporting and compliance, charities and not for profits should “enjoy a rebuttable presumption of virtue” and “only cases of wilful non-compliance with reporting requirements will be investigated to ensure the self-reporting framework is maintained.”
The Options Paper proposes a transition period for some aspects. While the return of functions to the ATO and ASIC is proposed to take effect on Royal Assent to the Bill once passed by the Parliament, other aspects may have a later date (eg the Options Paper proposes that the website requirement would apply from 1 July 2015).
The Department of Social Security has advised that a summary of stakeholder feedback will be available on the Department’s website in the near future.
ACNC compliance and reporting obligations remain in force
Charities and not-for-profits need to ensure their continued compliance with the ACNC registration, notification, reporting, governance and compliance requirements. From July 2014 organisations with an income of $250,000 or more are required to submit a financial report to the ACNC.
The Charities Act 2013 commenced on 1 January 2014 setting out requirements for recognition as charity for the purposes of Commonwealth laws.
As part of the 2014 Budget, the government announced its intention to amalgamate the Commonwealth’s external merits review tribunals from 1 July 2015 - the Administrative Appeals Tribunal (AAT), Migration Review Tribunal and Refugee Review Tribunal, Social Security Appeals Tribunal and the Classification Review Board. Merits review of Freedom of Information (FOI) matters, currently undertaken by the Office of the Australian Information Commission (OAIC), will also be transferred to the AAT from 1 January 2015.
Protecting Software in the Digital Age - University of New South Wales v Moorhouse; APRA v Jain
By Grant Hansen, Partner
Intellectual property rights include patents, trade marks and copyright. The CopyrightAct 1968 (Cth) grants exclusive rights in the copyright owner, including the right to use, reproduce and publish works. Copyright exists in original works, such as computer programs. Infringement of copyright occurs when a person uses the work without a licence and contrary to the rights of the owner. This can occur if software is illegally downloaded from the internet. There is sometimes a misconception that if something is available on the internet, anyone can use it and that copying is fine because “everyone does it”.
Healthcare organisations must ensure that materials they use are appropriately licensed and do not infringe the intellectual property rights of others. Illegal downloading of material is stealing. The following cases indicate that employers can be held liable for illegal downloads of items such as software, pictures and music by their employees in the course of their employment.
In the seminal case on damages for software infringement,
Autodesk v Cheung (1990) 171 IPR 69, Justice Wilcox observed that:
“one matter which is, in my opinion, relevant, is the difficulty computer program owners face in trying to protect their copyrights. Computer software is easy to duplicate, distribute and conceal. Particularly in a case where a person is supplying computer programs as an adjunct to other equipment, and is therefore not advertising the supply, infringements may be difficult to detect. And, when they are detected, proof of the facts may be a substantial task.”
Autodesk v Cheung involved a physical sale of counterfeit software, installed on PCs by a system builder. The case predates the distribution of software using internet connections. In the “digital economy” software can be downloaded and activated by an end- user without dealing with the physical product. Much of this activity - such as sales on platforms such as eBay and downloads from sites which advertise their purpose - remains visible. Other transactions using peer to peer technologies are more difficult to detect.
To see what is at stake one has only to consider the fate of the recorded music industry. From 1999 to 2013 music sales in the US dropped from US $14.6 billion to US $7 billion.16
“Channel” and “End-user” Infringement
Software infringement manifests in two principal ways: “channel” and “end user” infringement. Channel infringement involves the sale of unlicensed software and/or the means of activating and using software (typically, on the internet, by sale of product keys that permit activation of downloaded software). Channel infringement can be dealt with using test purchases to gather evidence of infringement. Liability is therefore usually not in issue.
A more difficult challenge is posed by commercial end user infringement.
In 1988 major software copyright owners formed the Business SoftwareAlliance (BSA). Members includingAdobe,Apple,Autodesk, Baseplan, Bentley, Dassault Systèmes, Microsoft, PCT, and Siemens. The BSA is an industry initiative that operates throughout Asia, Europe and North and South America. Software owners in each jurisdiction have formed country committees which administer a compliance programme in that jurisdiction. Members pay subscription fees and agree that the proceeds of enforcement are paid to the BSA to fund further enforcement and education.
The big markets for enforcement work are not surprisingly in the developing economies ofAsia where non-compliance rates frequently exceed 50 per cent.
Australia may lead the world in downloading unlicenced versions of Game of Thrones but our surveyed non-compliance with software is average for a developed economy, about 21 per cent valued at US$743 million in a 2013.17
Obtaining evidence of end user infringement is of course the major challenge. Infringers rarely spontaneously confess. Unlike channel infringement there is no public nexus - no point of sale where evidence can be obtained. The BSA in Australia therefore usually acts on information received. Informants come forward for a variety of reasons - to claim a reward; to get even with an employer they feel has treated them poorly; and because they do not agree with using unlicensed software for profit.
The BSA always gives the Respondent an opportunity to produce evidence that it was in fact licenced (contrary to the information received). If evidence of licencing is not forthcoming the BSA then seeks to reach an appropriate negotiated settlement.
If that is not possible the affected BSA members have a choice between commencing proceedings (based on the evidence provided by the informant) or making an application for preliminary discovery.
Preliminary discovery is a highly technical jurisdiction under rule
7.23 of the Federal Court Rules. It requires evidence, at the time of the application, that: the Prospective Applicant reasonably believes that the Prospective Respondent has or is likely to have, in its control, documents directly relevant to the question whether the Prospective Applicants has a right to obtain the relief.
This requires evidence from an appropriate decision maker within the Prospective Applicant. Given that Prospective Applicants are typically large multi-national corporations with complex internal delegations of authority, careful consideration is necessary. In Telstra Corporation v. Minister for Communications (no. 3)  FCA 1567 the Prospective Applicant failed because the evidence going to the Prospective Applicant’s reasonable belief was from a person with insufficient authority to make the decision to commence proceedings.
Nor is preliminary discovery available when the Prospective Applicant has formed the view that it does have a right to obtain relief.18
For this reason, if sufficient evidence is held to permit the particularisation of at least one instance of infringement as required by rule 34.35 of the Federal Court Rules, the better course is to commence substantive proceedings and to then obtain an order for discovery pursuant Division 7.3 of the Federal Court Rules. Such orders are however not made as of right; it is necessary to persuade the Court that the Respondent has documents within its control that are directly relevant to a real issue in dispute.
Whenever software is installed on a computer, a record of that installation, including the time and date of the installation is created and stored on the computer’s permanent storage medium. Those records can be accessed and reproduced in a written form. If the records show an installation and the respondent does not have a corresponding licence then liability for that instance of unlicensed reproduction can be established.
More often than one might expect however, the quality of information provided by an informant is astonishingly good and includes internal documents and screenshots of network files disclosing the existence of “crack files” or internal emails containing admissions of the use of illegal software.
Older readers will remember when ephemeral communications were by telephone or even, incredibly, face to face. In those times the litigators’ task was much harder. In the digital age, the email is truly the litigator’s friend.
The question arises however, can use be made of internal documents obtained by an employee or consultant, perhaps covertly, which incriminate the employer?
Section 138 (1) of the Evidence Act 1995 (Cth) provides that evidence obtained “improperly or in contravention of an Australian law” is not to be admitted unless the desirability of doing so outweighs the undesirability of admitting such evidence.” Section 138(3) sets out matters the court can take into account such as the probative value of the evidence and the gravity of the contravention and the difficulty of obtaining the evidence without “impropriety”.
The first question is whether there is in fact any impropriety in the way evidence has been obtained from the Respondent. Sections 126A to 126E of the Evidence Act 1995 (NSW) create “protected confidences” but internal office communications are not within these categories. Sections 117 to 131 of the Commonwealth Evidence Act deal with privileged communications but again these do not include internal office communications. Such documents are however business records and admissible pursuant to s69 of the Evidence Act.
Even if a contractual provision purports to prohibit the disclosure of an incriminating document, it would remain potentially admissible by virtue of s138 (1) of the Evidence Act and at common law.
In National Roads & Motorists Association v Whitlam  NSWCA 81, Campbell JA (with whom Beazley JA and Handley AJA agreed) observed in relation to “confidential information” which was not subject to a statutory privilege, that the usual approach of the court is that it is more important that such evidence (if relevant) be used in the administration of justice rather than that the confidence be protected.
The common law position is clear enough. The authorities established that the public interest in the disclosure (to the appropriate authority or perhaps the press) of “iniquity” will always outweigh the public interest in the preservation of private and confidential information. In Allied Mills Industries Pty Ltd v Trade Practices Commission (1981) 34 ALR 105 at 127 Sheppard J quoted with approval Wood VC in Gartside v Outram (1856) 26 LJ (Ch) 113, (at 114): “The true doctrine is, that there is no confidence as to the disclosure of iniquity. You cannot make me the confidant of a crime or a fraud, and be entitled to close up my lips upon any secret which you have the audacity to disclose to me relating to any fraudulent intention on your part: such a confidence cannot exist.”
See Gibson v. ANZ Banking Group Ltd (VSC Gobbo J. No 10670/91)
Generally speaking, the major legal issue in most software cases is assessment of damages. Typically that is done by applying what is known as the “licence fee test”. That is based upon an inference that the Court may draw that a respondent, when presented with a choice between paying the licence fee and not using the software would have paid the necessary licence fee.19 Damages are payable irrespective of whether there has been any belated legalisation.
Compensatory damages are however just the beginning. Section 115(4) of the Copyright Act 1968 (Cth) (Copyright Act) provides that the Court is empowered to make an award of additional damages under section 115(4) of the Act where the Court is satisfied that it is proper having regard to the flagrancy of the infringement and the need for deterrence.
The deliberate infringement of copyright for gain constitutes deliberate and flagrant conduct.20
The availability of additional damages is a powerful incentive for respondents to settle software infringement claims at an early stage. Awards of multiples of the compensatory damages are routine. Post detection conduct is one of the factors a Court can have regard to in awarding additional damages.
The other great incentive for respondents to settle is the concept of authorisation under s36 (1) of the CopyrightAct. Notwithstanding the High Court’s decision in Roadshow Films Pty Ltd v iiNet Ltd (2012) 95 IPR 29, company directors still have the requisite control to be exposed to personal liability where their company has engaged in infringing conduct. That can be the case even when the director had no actual knowledge of the infringement.
In University of New South Wales v Moorhouse (1975) 133 CLR 1 the High Court found that authorisation included “countenance or acquiesce”. In Microsoft Corporation & Ors v PC Club Australia & Ors  FCA1522 at paragraph 277, Conti J applied the Moorehouse to directors of a private company observing:-
“As directors in office of PC Club at all material times, neither Ms Lee nor Mr Fang can escape liability...for the same quantification of s115(2) damages for infringement of copyright. By virtue of their respective appointments...and their full time... employment...each of them must be taken to have authorised the infringing conduct of PC Club.”
In APRA v Jain (1990) 18 IPR 663, a decision of the full Federal Court, Mr Jain was the CEO of the proprietor of Old Windsor Tavern but he left the day to day running of the tavern to an employee. The Court found that Mr Jain had known that music would be performed at the tavern, but did not concern himself with the actual pieces of music which would be performed.
Mr Jain was found to have authorised infringements even though “he did not concern himself with the actual pieces of music which would be performed.”
See Autodesk Australia Pty Limited v Cheung (1990) 171 IPR 69 and Microsoft Corporation & Ors v Ezy Loan Pty Limited & Anor (2004) 63 IPR 54
See Microsoft Corporation v PC Club Australia Pty Ltd  FCA 1522 at 223 per Conti J
Employment Update – Significant Increases in Damages Awarded by Courts in Sexual Harassment, Discrimination and Adverse Action Claims - Richardson v Oracle Corporation Australia Pty Ltd; Sagona v R & C Piccoli
By Robin Young, Partner, Alicia Mataere, Associate and Kristen Hammond
Two recent judgments of the Full Federal Court and Federal Circuit Court have resulted in awards of significant damages to employees in cases involving claims of sexual harassment, discrimination and adverse action.
The prevailing trend in recent times has been for courts to adopt a cautious approach when fixing damages in such cases, typically awarding between $12,000 and $20,000. However, a full Federal Court has awarded an employee $130,000 in damages and the Federal Circuit Court awarded an employee over $235,000 in damages and penalties, marking a significant shift away from low awards of damages.
21  FCAFC 82.
Richardson v Oracle Corporation Australia Pty Ltd and Tucker 21
In Richardson the Full Federal Court increased Ms. Richardson’s original award of damages from $18,000 to $130,000.
Ms Richardson alleged that between April 2008 and December 2008 she was subjected to multiple incidents of unlawful sexual harassment by her colleague while working at Oracle. Ms Richardson’s case was that her colleague had subjected her to “a humiliating series of slurs, alternating with sexual advances, from [the colleague] which built into a more or less constant barrage of sexual harassment.” The alleged incidents of sexual harassment included:
making comments regarding he and Ms Richardson having a sexual relationship and “being married” in their past lives, such as stating “so, how do you think our marriage was? I bet the sex was hot” and telling a colleague he and Ms Richardson had a “really hot love/hate thing going on”;
repeatedly propositioning Ms Richardson to begin a sexual relationship with him, including inviting her to “go away for a dirty weekend”; texting and calling her outside of work hours to invite her to meet him at social events; and asking Ms Richardson to “sneak off to a corner” with him;
making sexually suggestive comments regarding Ms Richardson’s appearance, such as “I love your legs in that skirt. I’m going to be thinking about them wrapped around me all day long”; and
behaving in a sexualised manner towards Ms Richardson in front of their colleagues, such as imputing sexual connotations to comments made to Ms Richardson – for example, when a colleague commented “I’ll give it to her”, the colleague would say “you will give it to her” in a suggestive manner.
Ms Richardson complained to her direct manager in November 2008, and the matter was escalated to Oracle’s Australia and New Zealand Director of Human Resources shortly after. Ms Richardson eventually resigned.
Initially, his Honour Justice Buchanan held that Ms. Richardson had been sexually harassed, that Oracle had contravened section 28B of the Sex Discrimination Act 1984 (Cth)(SD Act) and that Oracle was vicariously liable for the conduct of the colleague who sexual harassed Ms. Richardson. Consequently, Justice Buchanan awarded Ms Richardson general damages of $18,000 in compensation of the distress and embarrassment she had suffered as a result of the sexual harassment.
Ms. Richardson appealed Justice Buchanan’s judgment arguing, among other things, that the award of damages was manifestly inadequate.
A full Federal Court agreed that the order of $18,000 was manifestly inadequate and should be replaced with an award of $130,000, comprising of $100,000 in general damages and $30,000 in economic loss. Significantly, the Court relied on prevailing community standards and the beneficial nature of discrimination legislation to substantially increase the damages award, noting that the previously accepted range of damages in sexual harassment cases would not be determinative.
Sagona v R & C Piccoli Investments Pty Ltd & Ors22
Similarly, in the Federal Circuit Court judgment of Sagona, a breach of the Fair Work Act 2009 (Cth) (FW Act) adverse action provisions led to the award of $174,097 in compensation and a further $61,000 in penalties.
Ms Sagona successfully claimed that Piccoli Photography took adverse action against her because of her pregnancy, gender and family responsibilities. Ms Sagona had been employed as a photographer and salesperson at Piccoli Photography for 12 years and was being groomed by the Company’s owners to take over the business. However, when Ms Sagona informed Piccoli Photography that she was pregnant and intended to take maternity leave, Piccoli Photography took adverse action against her which ultimately led to her resignation. Examples of the adverse action included comments such as it was “not a good look” for customers to see a pregnant woman working, that it would make the Piccoli Photography look like “slave drivers” and Ms Sagona look “desperate” for working when she was noticeably pregnant.
In awarding Ms Sagona $164,097 compensation for economic loss and $10,000 in respect of general damages for distress, hurt and humiliation, her Honour took into account the abusive nature of the adverse treatment, Ms Sagona’s length of service and the income Ms Sagona would have expected to earn had she assumed responsibility for the day to day running of the business as planned. On consideration of the deliberateness of the conduct and the lack of contrition exhibited by Piccoli Photography her Honour also awarded a total of $61,000 in penalties ($45,000 from Piccoli Photography, and $8,000 each from the Directors).
The previous low range of damages for matters involving sexual harassment and discrimination can no longer be relied upon. Rather, it appears that Courts, based on changed community standards and the beneficial nature of legislation enshrining protections against discrimination and harassment are far more willing to award substantial damages for such claims. Further, Sagona indicates that employers may be subject to high monetary penalties in relation to breaches of the “civil penalty” provisions of the FW Act.
Accordingly, businesses should take steps to minimise their exposure to such claims by:
a)reviewandunderstandtheirobligationsunderrelevant legislation,suchastheFWActandhumanrightslegislation like the SDAct;
b)reinforcingtheneedforappropriatelydraftedandcompliant contractsandworkplacepolicies,especiallythoseinrelation todiscrimination,harassmentandworkplacegrievances;and
c)confirming that staf members are trained and aware of policies and their obligations within those policies.
Businesses need to be aware of the vicarious liability which may be imposed against employers where they have failed to take “all reasonable steps” to prevent the unlawful conduct.
If you would like further information about the above cases or how our dedicated and experienced team of workplace relations practitioners can minimise the risk (and severity) of such claims for you, and your insureds, please contact us.
22  FCCA 875.
What is your duty of care with clinical trials of innovative techniques and therapeutic goods?
Limited.29 The proceedings are brought on behalf of persons who had certain hip implant surgery performed on them in Australia. DePuy manufactured, and Johnson and Johnson distributed the hip implants in Australia. A hearing was listed for 9 weeks, to commence in June this year, with 45 to 50 witnesses to be called, and is likely to involve matters of scientific complexity. The proceedings were adjourned and are now to be heard in early
2015, with a revised estimate of 16 – 18 weeks.
By Alison Choy Flannigan, Partner, Zara Officer, Special Counsel and Vahini Chetty, Associate
It is well-established that an individual’s consent is always required before treatment is rendered. In the absence of obtaining the individual’s consent, the treating practitioner may be held liable for trespass to person, assault or battery.23
For study participant consent to be valid, the treating practitioner is under an obligation to sufficiently inform the participant of the material risks involved in that treatment to allow the individual to make an informed decision with respect to whether or not they choose to undergo the treatment.24 The risks must be communicated to the individual having regard to the individual’s capacity to understand the information provided.25
Clinical trial guidelines published by the Australian Government National Health and Medical Research Council state that patients must be provided with sufficient information for them to adequately understand the proposed research and the implications of participating in it.26
Issues of obtaining valid consent differ from country to country depending on the cultural context. Laws relating to clinical trials vary between countries.
Case law for injuries arising out of clinical trials is rare. In the event of claims, settlements are often reached outside of court. However, those conducting clinical trials may be subject to penalties imposed by regulatory bodies.
Duty of Care
Regulatory Body Penalties
The case of Jesse Gelsinger is an example30. Jesse, aged 18 years, had a rare genetic disease, ornithine transcarbamylase deficiency, which affected his body’s ability to rid itself of ammonia. He voluntarily participated in a study with the University of Pennsylvania which aimed to deliver the necessary gene to correct the condition by way of a weakened adenovirus injection. The idea was that the adenovirus would deliver the gene to the body. Four days after receiving the injection, Jesse passed away. The gene therapy in question had previously been tested on mice, monkeys and baboons. Several of the monkeys died as a result of an intense immune system reaction – similar to that which led to Jesse’s death. A public inquiry was convened and amongst other things, it was found that the administrators of the study had breached the informed consent requirements as the consent document Jesse signed deviated from FDA form in that it made no mention of the fact that several other patients had experienced serious side effects from the therapy or that severe immune responses had led to the deaths of 3 monkeys. Jesse’s family commenced legal proceedings against the university following the inquiry, however, the case was settled out of court for an undisclosed sum. The university was fined and had research restrictions imposed upon it.
In that case there was also less than adequate disclosure of financial interests and conflicts of interest. Wilson, director of the Penn Institute where Gelsinger was treated, owned stock in a company, Genovo, that provided financing for the Institute.
The Clinical Trials Handbook published by the Australian Therapeutic
Goods Administration states that the obligation of a sponsor of a
In Australia, health care practitioners owe the same duty of care for clinical trials as other medical treatment, however, the standard of care widely accepted by peer professional opinion as competent professional practice is more difficult to prove for innovative techniques.27 That is why Medicine Australia has developed compensation guidelines and standard indemnities.28
To illustrate the complexity of litigation in the area of innovative technology, there is currently a representative case (also known as a class action) before the Federal Court at Sydney, Stanford &Anor v DePuy International Limited and Johnson & Johnson Medical Pty
clinical trial involving therapeutic goods is to obtain informed consent.
In 2009 in Nigeria, the Attorney General commenced proceedings against Pfizer31 that had administered an experimental oral antibiotic called Trovan to a hundred children during a cerebral spinal meningitis epidemic. The drug had been tested on a limited scale in the United States and Europe but had not been through all of the requisite phases of testing at the time it was administered in Nigeria. Five children died following their receipt of the drug.
Hart v Herron (1984) Aust Tort Reports 80-201.
See Chatterton v Gerson (1981) QB 432.
See Rogers v Whitaker (1992) 175 CLR 479 and Wallace v Kam  HCA 19.
National Statement on Ethical Conduct in Human Research, Chapter 2.3
Section 5O, Civil Liability Act 2002 (NSW); see also equivalent legislation in other States
Federal Court, NSD 213/2011.
See “Dangerous Promise of Gene Therapy”, Sophia M Kolehmainen, www.
actionbioscience.org/biotechnology/kolehmainen.html; “Death but one unintended consequence of gene-therapy trial”, Barbara Sibbald, CMAJ, May 29, 2001, 164(11):1612; “Gene Therapy Trial and Errors Raise Scientific, Ethical and Oversight Questions”, Fran Pollner, The NIH Catalyst January-February 2000.
See “Pfizer pays out Nigerian families of meningitis drug trial victims”, David Smith, The
Guardian, Friday 12 August 2011; http://www.pfizer.com/files/news/trovan_fact_sheet_ final.pdf.
Pfizer argued that meningitis and not its antibiotic had led to the deaths. The drug company states that consent was obtained from the parents and guardians of the children prior to the drug having been administered. However, ethics committee approval was never obtained. Part of the ethics committee role would have been to ensure that the proper avenues were followed in order to ensure that consent was validly obtained. The company stated that this was because Nigeria’s laws at the time did not require such approval. The company eventually set up a compensation fund for the parents of deceased children who had been administered the drug. In 2009 Pfizer reached a tentative out of court settlement with the Kano State government worth $75 million.
Finally, in emergency situations where there has been an outbreak or epidemic, the rules are sometimes relaxed. The World Health Organisation has recently endorsed the use of an experimental vaccine, ZMapp in fighting the Ebola outbreak in West Africa. The single ascending dose portion has not as yet been approved for trials in humans. It remains to be seen whether the treatment will have the desired effect on infected patients. Given the severity of the disease, the mortality rate and the lack of treatment options it is unlikely that patients will refuse the treatment on the grounds that it is experimental. However, the golden rule of obtaining the informed consent of all those being administered the drug will still apply.32
“Zmapp Ebola Treatment: What to know about the experimental drug made from tobacco”, Treye Green, International Business Times, 6 August 2014;
“Ebola Virus: Experimental drugs approved for use in fighting outbreak in West Africa”
Betsy Mckay & Peter Loftus, 13 August 2014, Wall Street Journal online;
“Questions and answers on experimental treatments and vaccines for Ebola”, Centres for Disease Control and Prevention, 8 August 2014.
Late diagnosis and surgical complications – identifying relevant risk - is the radiologist liable for failing to diagnose? Paul v Cooke33 By Zara Officer, Special Counsel and Vahini Chetty, Associate
Mrs Paul underwent a scan to determine whether she had a berry aneurysm in 2003, which her radiologist, Dr Cooke failed to diagnose at the time. In 2006, Mrs Paul underwent a further scan in which the aneurysm was detected.
Following her diagnosis, Mrs Paul underwent removal of the aneurysm in 2006 during the course of which the aneurysm ruptured, causing her to suffer a stroke. Dr Cooke had no involvement in that surgery.
Mrs Paul subsequently brought proceedings against Dr Cooke alleging that he was negligent in failing to diagnose the aneurysm in 2003 holding him responsible for the stroke.
Based on the evidence that in 2003 a procedure known as clipping was used to remove such aneurysms and that in 2006, a different procedure known as coiling was used, Mrs Paul argued that in the event she had undergone surgery in 2003, she would have avoided the injury.
Clipping involved open brain surgery whereas coiling was a procedure performed through the arteries. Although both procedures carried an approximately equal inherent risk of rupture, there was found to have been an increased risk of stroke in the event of rupture with coiling as there was greater access to minimise damage from the rupture during clipping by virtue of it being an open brain procedure.
Rupture and stroke were an inherent risk in both surgeries and could not be avoided with the exercise of reasonable care and skill.
The Court found that had there been a correct diagnosis in 2003, Mrs Paul would willingly have faced the risk of surgery then.
The evidence indicated that the delayed diagnosis did not itself increase the risks associated with surgery in that Mrs Paul’s aneurysm did not change in size, shape or propensity to rupture during those three years.
The Court concluded that Mrs Paul’s condition pre-dated Dr Cooke’s failure to diagnose and the relevant risk – the risk of surgery - only arose after the aneurysm had been diagnosed. Although Dr Cooke had breached his duty to Mrs Paul by failing to diagnose her in 2003, this failure did not cause the stroke Mrs Cooke suffered during her surgery. Dr Cooke did not create the relevant risk and the risk could never materialise until Ms Paul chose to undergo surgery.
Dr Cooke was not held liable for the harm suffered by Mrs Paul despite his failure to diagnose as there was no causal connection.
See Paul v Cooke  NSWCA 311, where ss. 5D(1) and 5I Civil Liability Act 2002 (NSW) are discussed.
MEET THE TEAM
Alison Choy Flannigan +61 2 9390 8338 • firstname.lastname@example.org For the sixth year in a row, Alison has been selected by her peers for inclusion on the Best Lawyers list for Australia in the practice area of Health and Aged Care. Having been part of the health care industry Alison has an in-depth understanding of the health industry and brings specialist legal expertise as well as commercial acumen and solutions. She also appreciates that issues for health care providers often require urgent attention and makes herself available to her clients whenever she is needed. She has a passion and dedication to the industry which goes way beyond just being a lawyer in private practice – she strives to become the trusted advisor of her clients.
Grant Hansen +61 2 9390 8000 • email@example.com Grant has over 25 years of legal experience. Grant leads our intellectual property team. He has extensive intellectual property experience and can provide advice on copyright, trademarks, “passing off”, confidentiality, computer software licensing and development. Grant acts for a number of major software companies and antipiracy organisations and advises those organisations on their anti- piracy enforcement strategies. He has also conducted major litigation relating to unsuccessful software deployments. Grant has been involved in the preparation of policy advice and submissions to Government inquiries into intellectual property issues including the recent Attorney General’s inquiry into technological protection measures and the Australian Law Reform Commission’s inquiry into the digital economy and the Copyright Act, including a general fair use defence.
Alison Choy Flannigan
Partner – Corporate and commercial, regulatory, Health, aged care and life sciences
T: +61 2 9390 8338
Partner – Corporate and commercial, retirement homes and aged care
T: +61 2 9390 8331
John Van de Poll
Partner – Medical malpractice and discipline T: +61 2 9390 8406
Partner – Workplace relations T: +61 2 9390 8419
Special Counsel – Medical malpractice and discipline T: +61 2 9390 8427
Special Counsel – Corporate and commercial, Health, aged care and life sciences
M: +61 412 868 174
Senior Associate - Corporate and commercial, regulatory, Health, aged care and life sciences
T: +61 2 9390 8352
Partner – Medical malpractice and discipline T: +61 3 9691 1222
Partner - Medical malpractice and discipline T: +61 7 3235 0102
For editorial enquiries or if you wish to reproduce any part of this publication please contact
Alison Choy Flannigan, Partner on +61 2 9390 8338 or firstname.lastname@example.org
Editor: Alison Choy Flannigan Subeditor: Joann Yap
For all other enquiries please contact Meta Lustig +61 2 9390 8456 or email@example.com
Level 17 Angel Place 123 Pitt Street
Sydney NSW 2000
Phone +61 2 9390 8000
Fax +61 2 9390 8390
200 Queen Street
Melbourne VIC 3000
Phone +61 3 9691 1200
Fax +61 3 9642 3183
175 Eagle Street
Brisbane QLD 4000
Phone +61 7 3235 0100
Fax +61 7 3235 0111
The contents of this publication is general in nature and should not be relied upon as legal advice. No reader should act on information contained within the publication without first consulting us.
© Holman Webb, August 2014