Doe v. The University of Maryland Medical System Corporation
MEMORANDUM AND ORDER Granting 25 Motion to Remand. Signed by Judge Richard D. Bennett on 11/13/2023. (c/m 11/13/2023 bas, Deputy Clerk)
IN THE UNITED STATES DISTRICT COURT
FOR THE DISTRICT OF MARYLAND
JANE DOE, on behalf of herself
and all others similarly situated ,
UNIVERSITY OF MARYLAND
CIVIL NO. RDB-23-0690
On January 23, 2022, Plaintiff Jane Doe (“Plaintiff” or “Doe”) initiated this putative
class-action suit, filing a four-count Complaint against Defendant University of Maryland
Medical System Corporation (“Defendant” or “UMMS”) for various claims stemming from
Defendant’s alleged violation of its patients’ medical privacy rights in the Circuit Court for
Baltimore City. (ECF No. 4.) Specifically, in her First Amended Complaint (ECF No. 6),
Plaintiff alleges Interception of Electronic Communications in Violation of the Maryland
Wiretap Act, MD. CODE ANN., CTS. & JUD. PROC. § 10-402 (Count I); Breach of Implied in
Fact Contract (Count II); Unjust Enrichment (Count III); and Invasion of Privacy—
Unreasonable Intrusion upon the Seclusion of Another (Count IV). (Id. at 64, 69, 77, 78.) On
March 13, 2023, UMMS removed the action to this Court pursuant to 28 U.S.C. § 1442(a)(1),
(ECF No. 1), contending that it was acting under a federal officer authority in furtherance of
a federal objective. Specifically, UMMS contends that when it digitized patients’ records it was
in furtherance of a federal objective.
Pending before this Court is Plaintiff’s Motion to Remand (ECF No. 25). Defendant
responded in opposition, (ECF No. 28), and Plaintiff replied. (ECF No. 32.) The parties’
submissions have been reviewed and no hearing is necessary. Loc. R. 105.6 (D. Md. 2023).
For the reasons explained below, Plaintiff’s Motion to Remand (ECF No. 25) is GRANTED.
Quite simply, voluntary compliance with a federal program does not confer federal officer
jurisdiction to this Court.
Plaintiff, who is a patient of Defendant and received treatment at the University of
Maryland Medical Center, brought this action against Defendant UMMS in the Circuit Court
for Baltimore City on January 23, 2023. (ECF No. 6 at 1, 5; ECF No. 4 at 84.) Plaintiff alleges
that, without patients’ consent, Defendant intentionally embedded its websites with data
collection tools that intercepted patients’ protected health information and automatically
disclosed it to third parties in violation of patients’ rights. (ECF No. 6 ¶ 4.)
Plaintiff asserts that UMMS encourages patients, including Jane Doe, to use its websites
to obtain healthcare services and designs its home page for patient use by including tools such
as “Find A Doctor,” “Health Services,” and “Patient Portal.” (Id. ¶¶ 21–22.) Defendant’s
“Patient Portal” enables patients to make appointments, access medical records, view lab
results, and exchange communications with healthcare providers. (Id. ¶ 23.) According to
Plaintiff, software code, cookies, and tracking pixels on Defendant’s websites secretly collected
these communications and other protected healthcare information without patients’
knowledge or consent and disclosed that data to third-party marketing companies, including
Facebook and Google. 1 (Id. ¶¶ 25–26, 76.) Plaintiff asserts that such disclosures enabled
third-party marketers to directly receive private information, make reasonable inferences about
patients’ medical conditions, and produce targeted advertisements based on those inferences. 2
(Id. ¶¶ 33, 39.) Plaintiff alleges that Defendant received the benefit of the targeted
advertisements that third parties produced using patients’ protected health information. (Id. ¶
Plaintiff asserts that Defendant breached its obligations to patients in six ways by using
embedded software that disclosed patient information to third parties. Specifically, Plaintiff
alleges that Defendant failed to (1) obtain patients’ consent for the disclosure of confidential
information; (2) adequately review its programs to ensure their safety; (3) remove or disengage
software known to share patients’ private information with third parties; (4) block transmission
of patients’ confidential information to third parties; (5) warn Plaintiff and putative class
members that Defendant disclosed their information to third parties; and (6) generally protect
patients’ confidential health information. (Id. ¶ 34.) Finally, Plaintiff alleges that Defendant
violated patients’ reasonable expectation of privacy in their personal health information. (Id.
Plaintiff alleges that the data collection tools on Defendant’s website included Meta Pixel, Google Analytics,
and Google Tag Manager. (ECF No. 6 ¶¶ 33, 60.)
2 Plaintiff alleges that Defendant intercepted and disclosed the following private information to third parties:
Plaintiff’s and Class Members’ status as patients; Plaintiff’s and Class Members’ communications with
Defendant via its websites; Plaintiff’s and Class Members’ use of Defendant’s patient portal; Plaintiff’s and
Class Member’s searches for information regarding specific medical conditions and treatments, their medical
providers, and their physical location; Plaintiff’s and Class Member’s IP addresses, names, phone numbers, and
Facebook identification. (ECF No. 6 ¶¶ 129, 146.)
On March 13, 2023, Defendant removed the action to this Court. (ECF No. 1.)
Defendant alleges that federal officer jurisdiction attaches because (1) Defendant is a person
within the meaning of the federal officer removal statute; (2) Defendant used tracking software
to improve patient engagement and access in compliance with federal initiatives centered on
Medicare and Medicaid, including the Promoting Interoperability Program 3 and the MeritBased Incentive Payment System (“MIPS”); and (3) Defendant plans to assert colorable
federal defenses, including preemption, to Plaintiff’s claims. (Id. ¶ 15.) Defendant also notes
that courts have upheld federal officer jurisdiction in class actions against similarly situated
healthcare defendants. (Id. ¶ 16.)
UMMS alleges that it is a longstanding participant in Medicare and Medicaid incentive
programs and forms part of a private sector collective helping the federal government improve
healthcare information technology infrastructure. (Id. ¶ 32.) Specifically, Defendant asserts that
its use of patient portals and Facebook’s Meta Pixel throughout its website promotes user
engagement in furtherance of the federal government’s information technology infrastructure
initiative. (Id. ¶ 38.) Defendant argues that this implementation of third-party services on its
websites in exchange for federal payments and direction through federal programs is akin to
the exchange of services in a government-contractor relationship. (Id. ¶ 34.) Defendant also
asserts that it plans to raise colorable federal defenses that any information disclosed was not
protected by the Health Insurance Portability and Accountability Act (“HIPAA”), and
Plaintiff’s state-law claims are preempted. (Id. ¶ 42.)
The Promoting Interoperability Program was formerly titled the Meaningful Use Program. (ECF No. 25 ¶
On April 12, 2023, Plaintiff moved to remand the action to the Baltimore City Circuit
Court. (ECF No. 25.) On May 10, 2023, Defendant filed a Response in Opposition to
Plaintiff’s Motion to Remand, (ECF No. 28), with Plaintiff replying on June 8, 2023. (ECF
No. 31.) This matter is ripe for review, and for the reasons set forth below, Plaintiff’s Motion
to Remand (ECF No. 25) is GRANTED.
STANDARD OF REVIEW
The federal officer removal statute, 28 U.S.C. § 1442(a)(1), authorizes removal of “a
civil action or criminal prosecution that is commenced in a State court and that is against or
directed to . . . [t]he United States or any agency thereof or any officer (or any person acting
under the officer) of the United States or of any agency thereof, in an official or individual
capacity, for or relating to any act under color of such office.” 28 U.S.C. § 1442(a)(1). When
considering motions to remand, courts must interpret the federal officer removal statute
broadly. See Arizona v. Manypenny, 451 U.S. 232, 242 (1981) (citing Willingham v. Morgan, 395
U.S. 402, 407 (1969)). The Supreme Court has held that “the right of removal is absolute for
conduct performed under color of federal office, and . . . the policy favoring removal ‘should
not be frustrated by a narrow, grudging interpretation of § 1442(a)(1).’” Id. (citations omitted).
Accordingly, when a case has been removed pursuant to Section 1442, “the district court may
remand it back to state court only if it thereafter discovers a defect in removal procedure or a
lack of subject matter jurisdiction in the federal court.” Jamison v. Wiley, 14 F.3d 222, 238–39
(4th Cir. 1994) (citing 28 U.S.C. § 1447(d)).
“The burden of establishing federal jurisdiction is placed on the party seeking removal.”
Mulcahey v. Columbia Organic Chems. Co., 29 F.3d 148, 151 (4th Cir. 1994) (citing Wilson v. Republic
Iron & Steel Co., 257 U.S. 92, 97 (1921)). To sustain removal under § 1442, a defendant must
satisfy three elements. First, the defendant must demonstrate that it is “an officer of the United
States or ‘acting under’ a federal officer within the meaning of the statute.” Mayor and City
Council of Balt. v. BP P.L.C., 388 F. Supp. 3d 538, 567 (D. Md. 2019) (citing Sawyer v. Foster
Wheeler LLC, 860 F.3d 249, 254 (4th Cir. 2017)). Second, the defendant must establish a causal
nexus between its challenged conduct and official authority by showing that the conduct
occurred “for or relating to” official federal authority. Id. (citing 28 U.S.C. § 1442(a)(1)).
Finally, the defendant must also assert “a colorable federal defense.” Id. (citing Sawyer, 395 U.S.
at 254). While the court must construe facts alleged in support of the defendant’s colorable
federal defense as true, the defendant bears the burden to allege facts sufficient to allow the
court to conclude that such a defense is plausible. North Carolina v. Ivory, 906 F.2d 999, 1001
(4th Cir. 1990); Jefferson Cnty. v. Acker, 527 U.S. 423, 432 (1999).
Plaintiff asserts that federal officer removal is improper because Defendant fails to
show that it was “acting under” federal authority and fails to raise colorable federal defenses.4
(ECF No. 25 at 19.) Specifically, Plaintiff argues that the Promoting Interoperability Program
does not delegate authority to hospitals, require hospitals to maintain a public facing website,
demand hospitals install software code that tracks and discloses patient information, or offer
Because Plaintiff correctly asserts that Defendant has failed to demonstrate it acted under federal authority,
this Court need not evaluate whether Defendant has raised colorable federal defenses.
guidance to hospitals regarding how to achieve patient accessibility. (Id. at 17.) Plaintiff thus
asserts that Defendant’s use of tracking software constituted voluntary participation in a
federal program rather than activity under federal authority. (Id. at 19, 21.) Plaintiff argues that
despite the incentive payments Defendant received, the voluntary nature of the Promoting
Interoperability Program demonstrates that the federal government would not have
independently undertaken the task of improving the interoperability of Defendant’s websites
absent Defendant’s participation in the program. (Id. at 19, 24.) Similarly, Plaintiff argues that
Defendant’s compliance with regulations is not alone sufficient to demonstrate that Defendant
acted under federal authority. (Id. at 26–27.)
UMMS responds that it properly asserted federal officer jurisdiction because it “acted
under” the federal Health Information Technology for Economic and Clinical Health
(“HITECH”) Act and the Office of the National Coordinator for Health Information
Technology (“ONC”). 5 (ECF No. 28 at 10); 42 U.S.C. § 300jj et seq.; 42 U.S.C. § 300jj-11(a).
Defendant asserts that it used tracking software on its website directly in furtherance of the
Promoting Interoperability Program and related Meaningful Use regulations. (ECF No. 28 at
11–12.) Defendant asserts that it developed its patient portal in accordance with ONC
oversight and in exchange for federal incentive payments. (Id. at 13, 14, 17–18, 25.) Defendant
argues that its relationship with the federal government exceeded mere compliance with
federal initiatives and more closely mirrored a government-contractor relationship. (Id. at 20.)
Finally, Defendant asserts that increasing access to health records is a basic governmental task
Defendant also argues that it asserts colorable federal defenses. As noted above, the Court need not reach this
contention because Defendant has failed to demonstrate that it “acted under” federal authority.
because the government was obligated to complete such access on its own even absent
Defendant’s assistance. (Id. at 22–23.) In support of this assertion, Defendant cites federal
regulations that require the creation of a federal program to facilitate the electronic use of
health information even absent assistance from the private sector. (Id. at 23.)
Defendant has not fulfilled the “acting under” element of Section 1442.
For the purposes of § 1442, “acting under” federal authority requires a private person
to act “under the ‘subjection, guidance, or control’ of a federal officer which ‘must involve an
effort to assist, or to help carry out, the duties or tasks of a federal superior.’” Watson v. Philip
Morris Cos., Inc., 551 U.S. 142, 150 (2007) (quoting Colorado v. Symes, 286 U.S. 510, 517 (1932));
see also Beauford v. Johns Hopkins Health Syst. Corp., Civ. No. JKB-23-0660, --F. Supp. 3d--, 2023
WL 4237373, at *3 (D. Md. Jun. 28, 2023). As this Circuit has recognized, a private actor is
“acting under” federal authority when it acts to fulfill “a basic governmental task, under the
government’s control or subjection, that the government would otherwise have to perform
itself.” W. Va. State Univ. Bd. of Governors v. Dow Chem. Co., 23 F. 4th 288, 301–02 (4th Cir.
2022). Similarly, a private actor’s mere compliance with even the most stringent federal
regulations is insufficient to demonstrate that the private actor was “acting under” federal
authority. Id. at 301; see also Watson, 551 U.S. at 153 (“A private firm’s compliance (or
noncompliance) with federal laws, rules, and regulations does not by itself fall within the scope
of the statutory phrase ‘acting under’ a federal ‘official.’”).
Here, Defendant has not demonstrated that it was “acting under” federal authority for
the purposes of § 1442(a). Defendant merely acted to comply with a federal program—the
Promoting Interoperability Program and concomitant “Meaningful Use” regulations—by
using data collection and analytics tools designed to improve patients’ online access to their
medical information. See 42 C.F.R. §§ 495.2–495.370 (establishing the Meaningful Use
Program and related initiatives). As Judge Bredar of this Court has noted, such voluntary
compliance with a federal program cannot alone confer federal officer jurisdiction. See Beauford,
2023 WL 4237373, at *3 (holding compliance with the Meaningful Use Program does not
confer federal officer jurisdiction); Beltran v. Cedars-Sinai Health Sys., Civ. No. 23-02626-DSFJPRX, 2023 WL 3620740, at *3 (C.D. Cal. May 24, 2023) (holding compliance with the
Meaningful Use Program is not a basis for federal officer jurisdiction).
Defendant’s receipt of incentive payments for its participation in the Promoting
Interoperability Program does not transform its voluntary compliance with a federal program
into a relationship in which Defendant was subject to federal “subjection, guidance, or
control.” Watson, 551 U.S. at 151; see also Beauford, 2023 WL 4237373, at *3; Mohr v. Trs. of Univ.
of Pa., Civ. No-23-0731, 2023 WL 3044594, at *4 (E.D. Pa. Apr. 20, 2023). Rather, the
overwhelming majority of courts to have evaluated federal officer removal based on
participation in the Promoting Interoperability Program have declined to find jurisdiction. See
Doe v. Redeemer Health, 2023 WL 6323089, at *4 n.1 (E.D. Pa. Sept. 28, 2023) (collecting cases).
Defendant also cannot demonstrate that its actions assisted federal officers by fulfilling
a basic governmental task that the government was obligated to complete on its own absent
Defendant’s assistance. Although Defendant notes that the federal government enlisted
private healthcare providers to develop a nationwide infrastructure for electronic exchange of
health information, Defendant cannot show that the government would have created patient
portals or electronic access to health records for Defendant’s patients if Defendant had failed
to do so. As this Court has noted, nothing in the Promoting Interoperability Program
authorizes the federal government to create “interoperable health information technology
infrastructure” on its own. Beauford, 2023 WL 4237373, at *4 (quoting Doe I v. BJC Health Sys.,
Civ. No. 22-919-RWS, 2023 WL 369427, at *4 (E.D. Mo. Jan. 10, 2023)); See, e.g., 42 U.S.C. §
300jj-31(a) (“The Secretary shall . . . invest in the infrastructure necessary to allow for and
promote the electronic exchange and use of health information.”) As such, Defendant cannot
show that its participation in the program fulfilled a basic governmental interest.
Because Defendant fails to meet the first element required to establish federal officer
jurisdiction, Plaintiff’s Motion to Remand (ECF No. 25) is GRANTED.
For the reasons stated above, it is hereby ORDERED this 13th day of
November, 2023, that Plaintiff Jane Doe’s Motion to Remand (ECF No. 25) is GRANTED,
and this case is REMANDED to the Circuit Court for Baltimore City.
Richard D. Bennett
United States Senior District Judge
Disclaimer: Justia Dockets & Filings provides public litigation records from the federal appellate and district courts. These filings and docket sheets should not be considered findings of fact or liability, nor do they necessarily reflect the view of Justia.
Why Is My Information Online?