SIDNEY I. SCHENKIER, Magistrate Judge.
This case concerns allegations that defendant LifeWatch Services, Inc. ("LifeWatch") violated the False Claims Act ("FCA"), 31 U.S.C. § 3729, et. seq., and related state statutes by submitting to the government claims for reimbursement for heart monitoring services that it knew violated the laws and regulations of Medicare and other government health insurance programs. On October 19, 2015, we denied (with one minor exception) Life Watch's motion to dismiss the Amended Complaint (doc. # 37: Compl.), holding that plaintiff-relator Matthew Cieszyski ("plaintiff" or "relator") had stated a claim under the FCA (doc. # 66: Memorandum Opinion and Order). LifeWatch answered the complaint (doc. # 71: Answer) and subsequently filed an amended one-count counterclaim alleging that plaintiff breached both a confidentiality agreement and a privacy policy he signed as part of his employment with LifeWatch because, as part of pursuing this FCA matter, relator took and disclosed to the government LifeWatch's confidential information (doc. # 89: Counterclaim). Plaintiff has moved to dismiss the Counterclaim (doc. # 90: Motion to Dismiss), arguing that allowing the counterclaim to proceed could violate public policy, that the confidentiality agreement on which LifeWatch relies is overbroad and unenforceable, and that the "privacy policy" invoked by LifeWatch is not a contract that supports an allegation of breach. LifeWatch has responded to the motion (doc. # 91: Opposition), and plaintiff has filed a reply (doc. # 92: Reply). For the following reasons, we grant the motion to dismiss.
As we stated in our previous opinion, a motion to dismiss pursuant to Rule 12(b)(6) challenges the sufficiency of the complaint. Hallinan v. Fraternal Order of Police of Chi. Lodge No. 7, 570 F.3d 811, 820 (7th Cir. 2009). A Rule 12(b)(6) motion to dismiss a counterclaim is subject to the same standard as a motion to dismiss a complaint. Northern Trust Co. v. Peters, 69 F.3d 123, 127 (7th Cir. 1995). We therefore construe all well-pleaded allegations of the counterclaim in the light most favorable to LifeWatch, United Central Bank v. Davenport Estate, LLC, 815 F.3d 315, 317 (7th Cir. 2016), drawing all reasonable inferences in LifeWatch's favor. Hecker v. Deere & Co., 556 F.3d 575, 580 (7th Cir. 2009), cert. denied, 558 U.S. 1148 (2010).
That said, to survive a motion to dismiss under Rule 12(b)(6), a counterclaim not only must provide fair notice of the claim's basis, but also must state facts showing that the requested claim is plausible, and not just possible, on its face. Bell Atl. v. Twombly, 550 U.S. 544, 570 (2007). While the counterclaim need not set forth "detailed factual allegations," "[t]hreadbare recitals of the elements of a cause of action, supported by mere conclusory statements, do not suffice." Ashcroft v. Iqbal, 556 U.S. 662, 678 (2009).
A court may consider documents attached to the counterclaim without converting the motion into one for summary judgment. Bible v. United Student Aid Funds, Inc., 799 F.3d. 633, 640 (7th Cir. 2015). LifeWatch has attached to its counterclaim copies of plaintiff's 2003 offer letter to work at LifeWatch, the confidentiality agreement he signed shortly thereafter, and a signature page he signed in 2006 confirming that plaintiff read a document called "Master Privacy Package." The actual privacy package referenced on the signature page is not attached to the counterclaim or motion.
We accept as true the following facts from the counterclaim:
In September 2006, plaintiff signed an "acknowledgement and signature page" agreeing that he had "read the summary document titled `Master Privacy Package' ["Privacy Policy"] that contains HIPAA information and obligations" (Counterclaim Ex. 3). The document stated "I certify that I understand the need to secure PHI [Protected Health Information] and that further/additional policy documents will be forthcoming, but that my obligation to comply with HIPAA regulations and report violations is immediate and based on the information summarized herein" (Id.). Plaintiff does not challenge defendant's assertions that LifeWatch is a "covered entity" under HIPAA, or that some of the materials plaintiff is accused of providing the government contain PHI that is protected under HIPAA. LifeWatch alleges that plaintiff expressly agreed to comply with the Privacy Policy as part of his employment contract; plaintiff disagrees that the Privacy Policy constitutes a binding contract. Relator notes that defendant did not attach the Privacy Policy to the counterclaim; and, defendant has not explained how the Privacy Policy became part of plaintiff's employment agreement when he signed the acknowledgment of receiving it more than three years after he began his employment.
LifeWatch alleges that, without LifeWatch's knowledge or approval, relator accessed certain Confidential Information and HIPAA-protected materials that he did not need to carry out his own job duties (Counterclaim, at ¶ 14). Further, LifeWatch contends that "[r]elator disclosed Confidential Information to HIPAA-protected materials, or the content thereof, to third parties outside LifeWatch" (Id., at ¶ 16). LifeWatch does not identify the third parties who received it, but we may reasonably infer that relator provided information to the government and his own attorney as evidence supporting his allegations that LifeWatch violated the FCA. LifeWatch makes no allegation that relator gave any Confidential Information or HIPAA-protected material to any third party other than the government or relator's counsel, or that he did so for any purpose other than to pursue his qui tam claim against LifeWatch.
The only document LifeWatch specifically identifies as Confidential Information that plaintiff accessed and provided to third parties is a spreadsheet containing PHI and other information about approximately 52,000 patients who received heart monitoring services from LifeWatch in 2012 (Counterclaim, at ¶¶ 14, 19). Some of the patients listed on the spreadsheet were not insured by government insurers (Id.).
Plaintiff argues that a number of public policy and statutory exceptions insulate him from LifeWatch's allegations that he has breached the Confidentiality Agreement and the Privacy Policy. LifeWatch does not dispute the existence of such exceptions, but argues that they do not apply to the facts of this case.
The parties agree that both federal and Illinois law recognize a public policy that protects whistleblowers from retaliation for actions they take in investigating and reporting fraud to the government (Mot. to Dismiss at 5, Response at 2). See, e.g., Fanslow v. Chicago Mfg. Center, Inc., 384 F.3d 469, 481 (7th Cir. 2004) ("Congress intended to protect employees from retaliation while they are collecting information about a possible fraud, before they have put all the pieces of the puzzle together"). With respect to counterclaims against relators, courts in this district have recognized a "strong policy of protecting whistleblowers who report fraud against the government." U.S. v. Cancer Treatment Centers of America, 350 F.Supp.2d 765, 773 (N.D. Ill. 2004). At the same time, courts have recognized that a qui tam defendant "may maintain a claim [against a relator] for independent damages; that is, a claim that is not dependent on a finding that the qui tam defendant is liable." United States ex rel. Miller v. Bill Harbert Int'l Constr., Inc., 505 F.Supp.2d 20, 26 (D.D.C. 2007), cited in U.S. ex rel. Wildhirt v. AARS Forever, Inc., No. 9 C 1215, 2013 WL 5304092 (N.D. Ill. September 19, 2013). In a counterclaim alleging breach of contract against an FCA relator, some courts have measured the independence of the counterclaim through the lens of whether "[r]elators' retentions and disclosures went beyond the scope of those necessary to pursue their qui tam suit." Wildhirt, 2013 WL 5304092, at *6.
However, in deciding whether plaintiff's actions went beyond the scope of what was necessary for his qui tam case, we must balance the need to protect whistleblowers and prevent chilling their attempts to uncover fraud against the government against an employer's legitimate expectations that its confidential information will be protected. Walsh v. Amerisource Bergen Corp., No. Civ.A 11-7584, 2014 WL 2738215 at *6 (E.D. Pa., June 17, 2014) (noting that courts "have focused on the reasonableness and scope of the plaintiff's disclosure in determining whether to permit counterclaims in an FCA action"). After considering the parties' arguments and the cases they cite, we hold that LifeWatch has failed to state a claim for breach of contract against plaintiff. Even viewing all well-pleaded allegations in the light most favorable to LifeWatch, the counterclaim fails to create a plausible claim that plaintiff's actions deprived him of the public policy protections afforded qui tam relators who must collect and disclose documentary evidence to support their suspicions of fraud against the government.
The parties devote the bulk of their briefs arguing whether plaintiff's retention and disclosure of documents did, or did not, go beyond what he needed to support his suspicions, thus depriving him of the protections of public policy. Not surprisingly, the plaintiff argues that the facts of Wildhirt (in which the court allowed the counterclaim to proceed), are distinguishable and do not provide justification for departing from well-established public policy protection for whistleblowers. LifeWatch, of course, contends that Wildhirt should guide our decision to allow the counterclaim to go forward.
The district court in Wildhirt found that the counterclaims were independent of the FCA claim "particularly given the extremely broad scope of documents and communications that Relators are alleged to have retained and disclosed." Wildhirt, 2013 WL 5304092 at *6. In that case, the relators admitted to taking home confidential and HIPAA-protected documents "haphazardly and for no particular purpose." Id. at *3. The relators had no intention of filing a qui tam lawsuit when they took the documents, and failed to return them after they left their jobs. Id. Additionally, relators disclosed the documents not only to their attorney and the government, but also made them public. Id. Based on the nature of relators' treatment of the confidential documents and their lack of initial intent to file a qui tam action, the Wildhirt court refused to dismiss counterclaims alleging that the relators violated employee confidentiality, non-compete and HIPAA agreements.
This case involves a factual situation far different from that presented in Wildhirt. First, LifeWatch does not allege that relator took documents for any reason other than to support his FCA claim, or that the documents were made public or given to any third party other than the government and his counsel. That is, there are no allegations of acts that caused independent damages such as the allegations that supported the counterclaims in Wildhirt.
Likewise, the other cases on which LifeWatch relies also involved relators who engaged in behavior that caused damages that went beyond exposing defendant to a qui tam suit. For example, in Walsh v. Amerisource Bergen Corp., No. Civ.A 11-7584, 2014 WL 2738215 (E.D. Pa., June 17, 2014), the relator had no justification in response to allegations that he took and disclosed to the public and others documents that were protected by the attorney-client privilege. Further, the counterclaim alleged that the documents contained trade secrets, the public disclosure of which could cause irreparable business harm. And in In Ruscher v. Omnicare, Inc., 4:08-cv-3396, 2015 WL 4389589, (S.D. Tex., July 15, 2015), the plaintiff admitted taking a "large variety of documents," some of which were protected by the attorney-client privilege and also of inducing co-workers to take additional documents for her after she was terminated. By contrast, LifeWatch's counterclaim alleges no damages resulting from relator's actions other than the fees and costs associated with pursuing the counterclaim — which is a self-inflicted wound.
Second, although LifeWatch argues that relator took many more documents than were necessary to support his claim, it has made the claim of overreaching with respect to only one specific document — a spreadsheet that LifeWatch admits does contain relevant information. LifeWatch's allegations of overreaching stem from the fact that the spreadsheet contains information about patients insured by both government insurers (which is concededly relevant), and private insurers (which LifeWatch claims is not relevant). LifeWatch argues that because relator's claim involves only requests to the government for reimbursement, supplying information concerning submissions to private insurers exposes relator to liability (Resp. at 5).
We disagree. It is unrealistic to impose on a relator the burden of knowing precisely how much information to provide the government when reporting a claim of fraud, with the penalty for providing what in hindsight the defendant views as more than was needed to be exposure to a claim for damages. Given the strong public policy encouraging persons to report claims of fraud on the government, more is required before subjecting relators to damages claims that could chill their willingness to report suspected fraud. And here, LifeWatch fails to allege there is more, as there was in Wildhirt and other cases invoked by LifeWatch. Relator did not disclose the information to anyone other than the government and his attorney, did not disclose attorney-client information, and did not disclose trade secret information to LifeWatch's competitors. We hold that on these allegations, relator did not go so far that he has exposed himself to defendant's breach of contract action. To allow a counterclaim based on the barest allegation that a relator took more documents than absolutely necessary would gut the strength and purpose of the public policy exception, which protects relators from retaliation by their employers for actions taken by relators "while they are collecting information about a possible fraud, before they have put all of the pieces of the puzzle together." Fanslow, 384 F.3d at 481.
LifeWatch also alleges that evidence of overreaching arises from the fact that plaintiff continued to collect documents while the government was investigating his claims and also after the Department of Justice decided not to intervene, suggesting that plaintiff's actions violated the Federal Rules of Civil Procedure (Counterclaim, at ¶ 20). LifeWatch repeats that assertion in its brief (Resp. at 4-5), but offers no legal authority in support of this contention and does not provide anything but the most bare allegations that plaintiff continued to amass information during these time periods. These allegations are insufficient to allow the counterclaim to stand.
Next, we find that LifeWatch has failed to state a claim based on plaintiff's alleged breach of the Privacy Policy. Notably, LifeWatch does not address — and thus does not dispute — plaintiff's argument that the Privacy Policy is not a contract at all. Instead, LifeWatch contends, without authority, that we should find that the Privacy Policy is part of relator's employment contract and treat the disclosure of HIPAA-protected information the same as we would Confidential Information (Opp. at 4).
At the threshold, we find that LifeWatch has failed to plead enough facts to support its allegation that the Privacy Policy was part of relator's employment agreement. LifeWatch has not provided a copy of the document, described its terms or the consideration relator was given in exchange for his signature, or otherwise given any reason for the Court to infer that the Policy, signed more than three years after relator's employment began, was a part of his employment contract. But even assuming that the Privacy Policy is a contract capable of being breached by relator, we have already concluded that relator's limited and narrow disclosure of documents to the government is entitled to public policy protection that bars a counterclaim by LifeWatch. That the spreadsheet also may contain information protected by HIPAA (whether the patients have private or government insurers) does not change our analysis. That is particularly so because the HIPAA regulations themselves contain a safe harbor for employees who disclose protected health information to a government agency or attorney, if such employee has a good faith belief that the HIPAA-covered employer has engaged in unlawful conduct. 45 C.F.R. § 164.502(j). LifeWatch does not allege that relator was acting with anything other than a good faith belief that LifeWatch had violated the FCA. We conclude that LifeWatch has failed to state a claim based on breach of the Privacy Policy.
For the foregoing reasons, we grant plaintiff's motion to dismiss the counterclaim (doc. # 90); we do so without prejudice. Because we dismiss the counterclaim based on the grounds set forth above, we do not address the other challenges plaintiff raised to the counterclaim. It is so ordered.