This website uses cookies to various ends, as detailed in our Privacy Policy. You may accept all these cookies or choose only those categories of cookies that are acceptable to you.

Loading paragraph markers

Stewart v. Demme, 2020 ONSC 83 (CanLII)

Date:
2020-01-06
File number:
CV-17-574574-00CP
Other citation:
63 CCLT (4th) 93
Citation:
Stewart v. Demme, 2020 ONSC 83 (CanLII), <https://canlii.ca/t/j4dfv>, retrieved on 2024-03-29

CITATION: Stewart v. Demme, 2020 ONSC 83

COURT FILE NO.: CV-17-574574-00CP

DATE: 20200106

SUPERIOR COURT OF JUSTICE - ONTARIO

RE:                 PENNY STEWART, Plaintiff

– AND

CATHARINA DEMME and WILLIAM OSLER HEALTH SYSTEM, Defendants

BEFORE:      E.M. Morgan  J.

COUNSEL:   Christopher DuVernet and Carlin McCoogan, for the Plaintiff

Patrick Hawkins and Daniel Girlando, for the Defendant, William Osler Health System

Michael Burgar and Maya Bozorgzad, for the Defendant, Catharina Demme

 

HEARD:        December 11-13, 2019

 

CERTIFICATION, SUMMARY JUDGMENT, CHANGE OF pLAINTIFF

 

[1]               The central question in this motion is whether a privacy violation can be “highly offensive” and actionable even if it is fleeting and causes no harm.

I.          The triple motion

[2]               In this interrelated series of motions, the Plaintiff seeks certification as a class action under the Class Proceedings Act, 1992, SO 1992, c 6 (“CPA”). The Plaintiff also seeks to substitute a new Plaintiff, Chad Letourneau, to serve as representative Plaintiff for the class in place of the current Plaintiff, Penny Stewart.

[3]               Although the Defendant, William Osler Health System (the “Hospital”), and the Defendant, Catharina Demme, do not share the same interests overall and have cross-claimed against each other, they seek the same results here. They both object to certification and seek to dismiss the action altogether. They also both object to the suitability of Mr. Letourneau to serve as representative Plaintiff.  

[4]               For both Defendants, the primary ground for opposing certification is the same as the ground for seeking summary judgment – that is, they contend that the Plaintiff’s claim does not fit the criteria for liability under the torts of inclusion against seclusion or negligence, and therefore raises no recognizable cause of action. Accordingly, they object to certification under section 5(1) of the CPA and move for summary judgment under Rule 20.01 of the Rules of Civil Procedure.

II.       The underlying theft

[5]               Ms. Demme was a nurse formerly employed by the Hospital. Between 2007 and December 2016, she engaged in a series of near daily thefts of opioids. The records compiled by the Hospital indicate that she illegally obtained 23,932 Percocet pills during this decade-long period. Percocet is a medication typically prescribed for pain control that combines the drugs oxycodone and acetaminophen. It is a controlled substance under the Controlled Substances Act, SC 1996, c 19, Schedule 1. 

[6]               The underlying facts of Ms. Demme’s criminal activities at the Hospital are not controversial between the parties. Both Defendants concede that the theft of prescription medication did in fact occur. The Hospital terminated Ms. Demme’s employment upon discovering the protracted series of thefts. Ms. Demme has also been prosecuted and convicted of theft under the Criminal Code and is no longer registered to practice with the College of Nurses of Ontario. The Hospital itself has undergone considerable regulatory scrutiny by the Ministry of Health, and has improved its storage, prescription, dispensing, and safekeeping protocols for prescription drugs as a result of its discovery and reporting of Ms. Demme’s conduct. 

[7]               At issue in the Plaintiff’s claim is not the theft of medication by Ms. Demme but rather the methodology of that theft. She accomplished her acquisition of drugs by misusing her position as a nurse at the Hospital to access medical files of patients at the Hospital. Her modus operandi was to access without authorization and use patient information in order to dispense Percocet pills which she then took for herself.

[8]               During the course of her nearly 10-year long crime spree, Ms. Demme improperly accessed the individual health records of some 11,358 patients. Counsel for the Hospital subdivides these patients into numerous smaller groups depending on how and where their information was accessed. That division, however, is excessively complex and appears designed not for analytic clarity but rather to raise doubts about the commonality of the claims.

[9]               For convenience, the patients whose files were improperly accessed may be divided into two categories:

a)      those who were actually patients within Ms. Demme’s circle of care or on the day surgery unit in which Ms. Demme worked and for whom she had access to their paper medical files. For these patients, Ms. Demme used the medical files as a means of identifying patients whose information could be used for accessing the Hospital’s Automated Dispensing Unit (“ADU”) and obtaining Percocet pills from that computerized system’s locked dispensing drawer; and

b)      those who were patients of the Hospital but not of Ms. Demme’s and for whom she had access to their records through the ADU linked to the Meditech database which digitally accesses patients’ records and displays them on a screen. For these patients, Ms. Demme used the digital records as an access point for dispensing medication through the ADU’s dispensing drawer.

[10]           In April 2017, the Hospital sent a letter to every patient whose file or digital records had been accessed by Ms. Demme to supply herself with Percocet. The recipients of this letter make up the proposed class put forward by Plaintiff’s counsel. The April 2017 letter set out what the Hospital understood to be the extent of the invasion of each patients’ health records:

We are writing to notify you that some of your personal health information was viewed by an employee at Brampton Civic Hospital, who was not a part of your care team and who had no authorization to do so.

Specifically, the employee randomly selected your name from a list of patient names on a computer screen in order to access narcotics (Percocet) for non-hospital-related use, and which were never given to you. During this event, the employee was only able to view:

1.      Your name;

2.      Your patient identification number;

3.      Hospital unit location you had visited; and

4.      If applicable – any allergy information.

No other personal health information was viewed by the employee, and this information was not shared with, printed, or disclosed to anyone else. The employee involved has not worked at the organization since an internal investigation found this situation. The care that was provided to you during your hospital stay was not impacted in any way.

[11]           For those patients accessed by Ms. Demme only through the ADU, this information is for the most part accurate and complete. Counsel for the Plaintiff notes, however, that the ADU screen would also have displayed the names of any medication that the patient took during the previous 32 hours. Ms. Demme also testified that in the early years of her thefts she would look to see if the patient was pre-prescribed Percocet, and, if not, she would move on to another patient. As the years wore on, however, she apparently stopped this practice and simply dispensed Percocet for herself by clicking on any random patient whose name appeared on the ADU screen’s list.

[12]           Ms. Demme’s improper accessing of information through the ADU was fleeting, as the Hospital’s counsel describes it. The ADU keeps a log which records the amount of time any person accesses a given patient record. The ADU printout of patients that Ms. Demme accessed shows that she was in each patient’s file for less than a minute. Each of these transactions, though entirely improper and, indeed, criminal, was remarkably uncomplicated. In effect, Ms. Demme scrolled down the patient list, stopped at any given patient’s name, and clicked on the box designated for the medication that she desired. That action opened the dispensing drawer from which she removed the pills and entered the updated count.  

[13]           It is more difficult to verify that Ms. Demme’s improper accessing of information from files belonging to her own patients or those in her unit was equally brief, although she has deposed that was the case. For her own patients in the day surgery unit, she already knew for legitimate reasons what their diagnosis, health history, treatment, and medications were, so she had no particular reason to view this information again when improperly using their files to obtain Percocet for herself. Again she states, and the Hospital verifies, that the way the ADU system worked she barely needed any information other than the name of a patient – in particular, those who had Percocet pre-prescribed in advance of their surgery – in order to obtain the pills that she desired.

[14]           Ms. Demme deposed in her affidavit that she first went to the files of patients within her circle of care, then she moved on to patients within the day surgery unit where she worked but who were not in her care. For these patients she had access to the paper files. As time passed, the last group of files she used were those of patients in other parts of the Hospital. She did not have the paper files of those patients, but their names were listed and accessible on the ADU machine located in her unit.

[15]           I pause to note that although there were other ADU units around the Hospital, Ms. Demme always used the same ADU machine in the day surgery unit where she worked. That machine is now out of commission and no longer exists. However, the Hospital has preserved screen shots of all relevant data. Plaintiffs’ counsel has alleged that the destruction of the ADU machine amounts to spoliation of evidence by the Hospital, but that does not appear to me to be the case. Counsel for the Hospital went through the ADU screens page-by-page with me at the hearing, and I am satisfied that the Hospital was careful to preserve the evidence necessary for this action.

[16]           In any case, Ms. Demme’s evidence is that her only interest in improperly accessing any patient’s records – whether a paper file or a digital one through the ADU – was to obtain drugs. The first screen that she came across after clicking on the name of a patient appears to have contained all the information she needed. In cross-examination, Ms. Demme explained that each time she accessed a patient file for this purpose so she acted as quickly as possible, staying in any one file a minimal amount of time before moving on to the next patient.

[17]           There is little reason to doubt the credibility of Ms. Demme’s description. In the first place, the ADU records verify the fact that she accessed each patient’s records for a matter of seconds. Moreover, it stands to reason that she was interested in obtaining opioids, not information or knowledge of a patient’s file. There is no evidence, nor is there reason to suspect, that Ms. Demme perused any patient records beyond what was needed to open the medication dispensing drawer. She was, by her own admission, a drug addict; she improperly accessed these records to feed her craving for narcotics, and not to satisfy any other need for patients’ health information.

[18]           Although the Plaintiff suspects that there may be some patients whose medication was impacted by Ms. Demme’s use of their health records for her thefts, there is no hard evidence of any adverse medical treatment. The Hospital’s evidence establishes that when medication is dispensed through the ADU system, it does not automatically get recorded in the patient’s medical file. That is for the attending nurse to record once the medication has been administered to the patient. Otherwise, the only record produced by the ADU with respect to the dispensing of any medication, including Percocet and other opioids, goes to the pharmacy department for the purposes of keeping track of medicine stocks at the Hospital. That record is not associated with any particular patient.

[19]           As a consequence, the pills obtained by Ms. Demme were only recorded as having been administered to a patient if she made a manual record in the patient’s file. This would only have been feasible for the patients in the day surgery unit, and especially those within Ms. Demme’s circle of care, for whom Ms. Demme had access to the paper file.

[20]           Anne Ford, Chief Privacy Officer for the Hospital and an affiant on the Hospital’s behalf, indicated in her cross-examination that some false medication administration records were indeed found by the Hospital in its review of files improperly accessed by Ms. Demme. Plaintiff’s counsel submits that this gives rise to a risk of some patients being denied Percocet; but it is unclear how many, if any, patients this actually impacted.

[21]           Counsel for the Hospital points out that day surgery patients are typically pre-prescribed pain killers on a PRN (Pro Re Nata, or “as needed”) basis. To be impacted by a false file notation of this sort the patient would have had to have been prescribed Percocet PRN and have needed Percocet after it was recorded by Ms. Demme. Since the evidence in the record shows that where Ms. Demme did record Percocet in patient files it was after the surgery and on the patient’s way out of the Hospital, the number of patients falling into this category would be very low.

[22]           Plaintiff’s counsel indicates that there are at least two class members who state that they were deprived of pain killers due to Ms. Demme’s interference with their file. One of these is Chris Letourneau, the newly proposed representative Plaintiff whose case is discussed in part VII below. Mr. Letourneau speculated in his affidavit that he was deprived of the Percocet he needed after his day surgery at the Hospital. However, it became clear that that statement was incorrect, and that Mr. Letourneau had a confused and unreliable memory of the events of his brief stay in the Hospital.

[23]           Another class member who makes a similar statement about being deprived of medication as a result of Ms. Demme’s actions is Gail Corbeil. She deposed that she asked for pain killers while at the Hospital but was told she already had received Percocet even though she had not.  The Hospital has produced her medical file and no Percocet is recorded as having been given to her; however, Plaintiff’s counsel points out that the Hospital, in an effort to correct Ms. Demme’s patients’ files, may have altered or corrected Ms. Corbeil’s file to accurately show that she never received Percocet.

[24]           At this point, it is difficult to know whether Ms. Corbeil was supposed to get Percocet and did not, and whether this was or was not due to Ms. Demme’s making a record in the file. What is clear is that if Ms. Corbeil is accurate in her surmise that it was Ms. Demme’s false notation in her file that resulted in her being denied a dose of Percocet, hers is likely a rare case. As indicated, this would mean that Ms. Demme made a notation in Ms. Corbeil’s file almost immediately after her surgery, before any other nurse on the unit could attend to her and determine what post-surgery medication she required.

[25]           The record contains no firm evidence of any patient who suffered actual such harm; Ms. Corbeil’s case appears to be as close as the evidence comes to a patient who might not have received Percocet when she was supposed to receive it. Most, like the current Plaintiff, Ms. Stewart, and the proposed Plaintiff, Mr. Letourneau, either do not or cannot credibly make this claim.

[26]             Likewise, there is no evidence that any patient who did not require Percocet was ever given the pain killer as a result of Ms. Demme’s improper use of that patient’s records. Ms. Demme improperly accessed over 11,000 patient files for a brief moment or two during her 10-year crime spree; of that there is no doubt. But on the evidence before me, that illegal conduct does not appear to have resulted in actual medical mistreatment – certainly not on a class-wide basis.

[27]           For that reason, this claim is entirely focused on the question of Ms. Demme’s and the Hospital’s liability for the improper intrusion on patients’ personal health information. It is not framed as a medical malpractice claim against either Defendant, and does not seek compensation on that basis for the Plaintiff or putative class members.

[28]           The evidence indicates that the Hospital was aware of the possibility that opioids and other medications could potentially be stolen from its facility, and that it had safeguards in place to detect and prevent such theft. Foremost among these safeguards was that audits of ADU use were supposed to be conducted on a periodic basis. As it turns out, however, audits were never performed on the day surgery unit’s ADU machine used by Ms. Demme.

[29]           The Hospital has produced an “All Station Events” report for one illustrative month during Ms. Demme’s tenure on the day surgery ward: November-December 2016. For this particular month, the report is 48 pages long; 45 of those pages consist of records of Ms. Demme withdrawing Percocet from the unit. The other 3 pages contain records of all of the ADU users in the ward refilling the Percicet inventory at the machine. Ms. Demme obtained 612 Percocet pills using 306 separate transactions during November-December 2016, and that no one else withdrew any at all from this unit.

[30]           The Hospital has separately produced another All Station Events report in spreadsheet format, this one showing all transactions by Ms. Demme at the day surgery ADU from December 2015 to November 2016. The spreadsheet is 54 pages long. The first 3 pages list withdrawals of medication other than Percocet by Ms. Demme. The remaining 51 pages show withdrawals of Percocet by Ms. Demme. The information contained in this report indicates that during a 1-year period, 94% of Ms. Demme’s transactions on the ADU in the day surgery unit were withdrawals of Percocet.

[31]           Despite the fact that the All Station Events reports produced by the Hospital show what everyone concedes is an alarming overuse by Ms. Demme of the ADU for dispensing Percocet, none of this information raised any red flag at the Hospital. The periodic All Station Events reports never prompted an audit of ADU use or of Percocet withdrawals – the one safeguard on which the Hospital most heavily relies. Reports of this type were or could have been generated every single month for all ADU units, including the one used by Ms. Demme, but the Hospital appears not to have paid these reports any attention.

[32]           None of the Hospital’s safeguards against the improper use of patient health records or the improper dispensing of drugs appears to have worked. Ms. Demme was only caught after nearly a decade of thefts. At that point, she had become extremely sloppy in her use of health files and ended up dispensing herself Percocet using the name of a patient who had already checked out of the Hospital. This unusual record finally triggered an investigation by the Hospital that resulted in Ms. Demme’s long history of opioid thefts finally being unearthed. As a result, Ms. Demme was terminated from her employment, charged with a criminal offense, and resigned her registration with the College of Nurses of Ontario.

III.       Class definition

[33]           The Plaintiff proposes the following class definition:

All persons who (i) reside in Canada; (ii) provided personal information to the Hospital, which may include but is not limited to their name, OHIP number, private health insurance plan information, date of birth, address, telephone number or government identification numbers, medical history, including prior physical and psychiatric conditions and treatments and presenting medical problems to the Hospital for the purpose of obtaining treatment or advice or other service from the Hospital; and (iii) were sent written notice by the Hospital that their personal information was accessed by Ms. Demme without any permissible purpose, and without their consent.

[34]           The proposed class is objectively defined, easily identifiable, and rationally connected to the proposed common issues (as identified in Part VII below). As indicated, the Hospital sent notices to 11,358 putative class members regarding the improper accessing of their health records; accordingly, the Defendants have knowledge of the persons to whom they sent the notice and the reason for the notice.

[35]           As discussed above, I would divide the class into two sub-classes: a) those who were within Ms. Demme’s circle of care or in the day surgery unit at the Hospital and whose paper health records were accessed or used improperly by Ms. Demme, and b) those that were not within Ms. Demme’s circle of care or the day surgery unit but whose health records were digitally accessed and used improperly by Ms. Demme. These two sub-classes are readily identifiable and easy to formulate and to distinguish from each other. The class definition overall, and the two sub-classes of which it is comprised, all meet the basic criteria of an appropriate class of claimants: see Western Canadian Shopping Centres Inc. v Dutton, 2001 SCC 46 (CanLII), [2001] 2 SCR 534, at para 38.

[36]           Importantly, the class members can be identified without considering the merits of the action: see Waldman v Thomson Reuters Corporation, 2012 ONSC 1138, para 8. All of the information listed in the class definition may or may not have been accessed by Ms. Demme, and Ms. Demme and the Hospital may or may not ultimately be liable for any such access; but at least some of the identifying information will have been accessed for each of the patients who received the Hospital’s April 2017 letter. They therefore each have some interest in the resolution of the common issues.

[37]           Accordingly, the class definition as proposed by Plaintiff’s counsel meets the requirements of section 5(1)(b) of the CPA.

IV.       Preferable procedure – misuse of health data

[38]           In R v Dyment, 1988 CanLII 10 (SCC), [1988] 2 SCR 417, para 26, the Supreme Court of Canada commented that, “…society has come to realize that privacy is at the heart of liberty in a modern state”. Following up on this conception of the societal importance of privacy, it has been observed that, “[T]he stewardship of confidential information by governmental actors is one of the critical public policy issues of our time”: Rowlands v Durham Regio Health, [2011] OJ No 1864, para 42.

[39]           In order to pass the certification hurdle, a class action must be the preferable procedure for litigating the claim. It is well established that the test for preferability is two-fold: a court must determine first that a class action would be a fair, efficient and manageable method of advancing the claim, and second that a class action would be preferable to other reasonably available means of resolving the claims of class members: Hollick v Toronto (City), 2001 SCC 68 (CanLII), [2001] 3 S.C.R. 158, paras 27-28.

[40]           The digital context in which Ms. Demme and the Hospital operated, in which prescription medication is dispensed through a computerized ADU unit, adds an important factual context to the inquiry into privacy concerns and liability. When privacy is alleged to be invaded by means of an institutional data breach, the situation is particularly amenable to analysis on a class basis: Tocco v Bell Mobility Inc., 2019 ONSC 29, para 26. This is particularly the case where, as here, the same information was taken from each class member for the same purpose by the perpetrator, and there is no need for individual inquiries as to the nature of the data or its specific impact on the class member’s privacy: see Kaplan v Casino Rama, 2019 ONSC 2025, para 66.

[41]           Counsel for the Hospital points out that in Broutzas v Rouge Valley Health System, 2018 ONSC 6315, a case similarly dealing with improper access to health records in a hospital setting, Perell J. found that information such as a patient’s name and contact information is public record and is not confidential. Indeed, in Rouge Valley the hospital employee had accessed health records through the same type of Meditech database as that linked to the ADU used by Ms. Demme. It is the Defendants’ position that the minimal information required by Ms. Demme to dispense Percocet pills to herself did not amount to a use of private health information.

[42]           Counsel for the Plaintiff takes issue with this analysis. In the first place, he points out that the factual context of the Rouge Valley case is distinguishable from the case at bar in one important way: the patients/claimants in Rouge Valley were all in the hospital for the birth of a baby, which is perhaps the least confidential of reasons. Indeed, Perell J. recited the factual background of each patient making a claim in that case, and observed that one had announced their child’s birth and circulated photos of the new baby on social media, while another had done a Facebook posting in celebration of the birth of their new baby at the defendant hospital: Ibid, paras. 97, 106. As Plaintiff’s counsel here points out, the expectation of privacy in such circumstances is negligible.

[43]           By contrast, the members of the class in the present case were patients in the Hospital for all variety of medical reasons. Plaintiff’s counsel stresses that while some of these could have been for relatively benign injuries or minor procedures, others may have been hospitalized for reasons of mental health or serious physical ailments that one would not in the ordinary course broadcast to the public at large. And while there is no evidence – and, for that matter, little likelihood – that Ms. Demme accessed more health information than she needed for a quick dip into the ADU drawer for her Percocet, her surreptitious entry into health files for this purpose could potentially have exposed her to a more detailed knowledge of each patient’s medical situation.

[44]           Indeed, merely learning that a patient was in the Hospital could be an invasive acquisition of private health information. Plaintiff’s counsel submits that even the barest of identifying information about a hospitalized patient falls below the standards of privacy set out in the Personal Health Information Protection Act, 2004, SO 2004, c. 3 (“PHIPA”). Furthermore, the failure of the Hospital to implement adequate safeguards for patient health data likewise could amount to non-compliance with PHIPA-imposed standards.

[45]           Breach of these statutory provisions are not the basis of the Plaintiff’s cause of action. The Supreme Court has long held that breach of a statutory duty does not itself constitute an actionable tort: R v Saskatchewan Wheat Pool, 1983 CanLII 21 (SCC), [1983] 1 SCR 205. The Amended Statement of Claim addresses the privacy issue by pleading the common law tort of intrusion against seclusion, and Plaintiff’s counsel concedes that “[p]roving a breach of PHIPA falls well short of what is required to make out the [seclusion against intrusion] claim”: Hopkins v Kay, 2015 ONCA 112, para 48. He submits, however, that the standards set by legislation can provide a factual measure of the standard of care expected of a publicly regulated facility: Grossman v Nissan Canada Inc., 2019 ONSC 6180, para 51; Evans v Bank of Nova Scotia, 2014 ONSC 2135, para 26.

[46]           In R v Jarvis, 2019 SCC 10, para 29, the Supreme Court of Canada set out a non-exhaustive list of factors against which to measure a claim of breach of privacy. These include: 1) the location of the information and the breach; 2) nature of the impugned conduct – whether observation or recording; 3) any awareness by the person whose information is accessed; 4) the manner of recording or observation of the data; 5) the subject matter or content of the information; 6) any regulations or rules governing the observation or recording; 7) the relationship between the person observed and the person observing; 8) the purpose of the observation; and 9) the personal attributes of the person observed.

[47]           These factors are to be considered seriously and in light of the stress placed in PHIPA on private health data. In fact, in Lavigne v Canada (Office of the Commissioner of Official Languages), 2002 SCC 53 (CanLII), [2002] 2 SCR 773, paras. 24-25, and again in Douez Facebook, Inc., 2017 SCC 33 (CanLII), [2017] 1 SCR 751, para 59, the Supreme Court went so far as to characterize privacy as having a “quasi-constitutional status”.

[48]           It is this understanding that compels the law to protect privacy from all manner of breaches. The PHIPA policies require medical care to be provided in a way that safeguards the “use and disclosure of personal health information about individuals that protect the confidentiality of that information and the privacy of individuals with respect to that information”: PHIPA, section 1(a).

[49]           Moreover, the digitalization of health records and storage has made privacy protection even more compelling. The Court of Appeal has specifically noted that “technological change has motivated the legal protection of the individual’s right to privacy”, compelling the law to “evolve to respond to the problem posed by the routine collection and aggregation of highly personal information that is readily accessible in electronic form”: Jones v Tsige2012 ONCA 32, paras 67-68.

[50]           In assessing the preferable procedure issue, the Supreme Court has observed that “it is important to adopt a practical cost-benefit approach to this procedural issue, and to consider the impact of a class proceeding on class members, the defendants, and the court”: Hollick, para. 29. That approach has been applied where an institution fails to prevent computer hackers to access private financial information en masse: see Agnew-Americano v Equifax Canada Co., 2019 ONSC 7110. The same reasoning applies equally to the failure to prevent a rogue nursing staff member from improperly accessing private health records en masse: Bennett v. Lenovo2017 ONSC 1082, paras 18-19.

[51]           I consider a class proceeding to be an appropriate procedure for the present claim. Litigating the issues on a class-wide basis satisfies the policy goals of judicial economy and access to justice, and there is no viable alternative proceeding available to the more than 11,000 class members whose records or files were improperly accessed: AIC Limited v Fischer, 2013 SCC 69 (CanLII), [2013] 3 SCR 949, para 26. Especially where, as discussed below, the offense may be great but the individual damages minimal, fairness dictates that the class action procedure be utilized: Tucci v Peoples Trust Company, 2017 BCSC 1525, para 267. The claim therefore satisfies the preferable procedure requirement in section 5(1)(d) of the CPA.

V.       Cause of action – intrusion upon seclusion

[52]           The primary challenge raised by the Defendants is with respect to the requirement in section 5(1)(a) of the CPA that the pleadings disclose a cause of action. It is on this ground that counsel for both Defendants submit that certification be denied and summary judgment be granted dismissing the claim.

[53]           The argument put forward by Defendants’ counsel is essentially that the violation of the class members’ health records was de minimis, and so does not rise to the level required for it to be actionable as an intrusion upon seclusion. That is, neither Defendant denies that private health data was improperly accessed and that there was, at least in some minimal sense, an intrusion by Ms. Demme and, at a minimum, vicariously by the Hospital as her employer.

[54]           Likewise, neither Defendant denies that health records comprise private data for which there is an expectation of confidentiality and seclusion and that some information from those records was accessed and used improperly. But they both submit that the intrusion was small to the point of being negligible, and that the seclusion of the class members was hardly disturbed given the bare identification data that was actually accessed.

[55]           The tort of intrusion upon seclusion is of relatively recent vintage in Ontario. It traces from the Court of Appeal’s judgement in Jones, supra, and can effectively be summarized in a single sentence from para 70 of that judgment: “One who intentionally intrudes, physically or otherwise, upon the seclusion of another or his private affairs or concerns, is subject to liability to the other for invasion of his privacy, if the invasion would be highly offensive to a reasonable person.”

[56]           It is the words “highly offensive” that the Defendants contend form the obstacle to the Plaintiff’s claim under this tort. Defendants’ counsel characterize Ms. Demme’s intrusion as a roughly 60 second click on a patient’s name in a database or a 60 second flip through a paper file, together with a “use” of information such as the patient’s name and unit of the hospital that is in any case already known to everyone in the institution. They further emphasize that these minimal violations have resulted in no harm to any class member, all of whom only learned of the wrongful access to their records years after the access occurred.

[57]           As described by counsel for the Hospital, the facts of this case disclose a very large narcotics theft but a very small privacy invasion. Both Defendants further emphasize the fact that Ms. Demme did not seek out the information she improperly procured for its own sake, but rather for the further use of obtaining drugs. They argue that this is not in line with the Jones case, where the essence of the tort was the defendant’s desire for the information itself. In these circumstances, they argue, the intrusion upon seclusion is not highly offensive but rather is relatively inoffensive from the data holder’s point of view.

[58]           Plaintiff’s counsel presents a starkly different view of the invasion of privacy that the class members have endured. He argues that despite Ms. Demme’s evidence to the contrary, the sheer quantity of Percocet she stole suggests that she did not consume it herself but rather sold it for gain. Plaintiff’s counsel states that it is objectively disturbing to know that one’s private health data was exploited by a drug addict to illegally obtain narcotics, and that it even more disturbing to contemplate one’s private health data being used by a drug trafficker in fueling society’s well-known opioid crisis. 

[59]           There is a significant factual dispute between the parties as to the use to which Ms. Demme put the Percocet that she stole from the Hospital. Ms. Demme deposed that she consumed it all herself; Plaintiff’s counsel calculates that would add up to the unlikely tally of 15 Percocet pills every day for over 9 years. Ms. Demme deposed that she is a recovering addict and should be considered as a person with an illness rather than a social pariah; Plaintiff’s counsel states that Ms. Demme has failed to produce her own medical records and that an adverse inference should be drawn suggesting that she is not in fact an addict but rather a trafficker. Ms. Demme provided evidence from a medical expert that it is conceivable for one person to consume the amount of Percocet she stole over the years; Plaintiff’s counsel states that Ms. Demme’s counsel produced the expert report in a manner that precluded cross-examination and so the report should be discounted.

[60]           In my view, this is an unproductive debate. It would not particularly matter to a medical clinic or pharmacy whether a drug addict smashed a window and broke into the facility to steel drugs for himself or to sell to others. The violation of the premises would be equally egregious. Likewise, the violation at issue here – that of patients’ health records – is equally egregious whether it was done by Ms. Demme to steal drugs for herself or to sell to others.

[61]           While it is an exaggeration to say that Ms. Demme’s addiction softens the affront to those whose data she invaded, it is equally an exaggeration to say that Ms. Demme’s possible trafficking exacerbates the affront to those whose health records she used. The tort whose measure must be taken is the data breach and data exploitation – akin to the smashed window and the pilfering of drugs – and not the further use of the medication obtained through use of the improperly accessed data. The protection of privacy under PHIPA or at common law pertains to all invasions of privacy, whether the invader has a socially sympathetic or detrimental purpose.

[62]           In any case, the central question for liability here is whether the invasion of the class members’ privacy is “highly offensive”. The other two elements of the tort as summarized by the Court of Appeal in Hopkins, para 48 – “(1) intentional or reckless conduct by the defendant, (2) that the defendant invaded, without lawful justification, the plaintiff’s private affairs or concerns” – are obviously met by Ms. Demme’s misconduct. Although there is also a negligence claim against the Hospital, as will be discussed below it is on the tort of intrusion against seclusion on which the claim’s fate rests.

[63]           In a certification motion, as in a pleadings motion under Rule 21, only where it is plain and obvious that the Plaintiff’s claim cannot succeed will the claim fail to meet the cause of action requirement under section 5(1)(a) of the CPA: Hollick, supra, para 25; Pro-Sys Consultants Ltd. v Microsoft Corporation, 2013 SCC 57 (CanLII), [2013] 3 SCR 477, at para 63. The question is whether “the plaintiff has presented a case that is ‘fit to be tried’, even although it may call for a complex or novel application of the tort…”: Hunt v Carey Canada Inc., 1990 CanLII 90 (SCC), [1990] 2 SCR 959.

[64]           In advancing the de minimis argument, the Defendants rely heavily on Justice Perell’s judgment in Rouge Valley. Specifically, they stress the similarities in information improperly accessed and used by each set of defendants, and point out that although both cases took place in a hospital setting, the information at issue was more in the nature of identification material than medically relevant material.

[65]           Counsel for the Hospital submits that the Rouge Valley ruling demonstrates that not every breach of hospital procedure and improper access to health records counts as actionable. Perell J. concluded that, “[A] reasonable person would not find the disclosure of contact information without the disclosure of medical, financial, or sensitive information, offensive or a cause for distress humiliation and anguish. The contact information that was the objective of the intrusion in the immediate case was not private, there was not a significant invasion of privacy, and the invasion of privacy was not highly offensive to an objective person”: Rouge Valley, para 151.

[66]           In considering this argument and its potential applicability to the case at bar, the difference in context must be taken into account, as discussed in part IV above. While birth announcements are common social practice, other hospital procedures – surgery, chemotherapy, psychopharmalogical treatments, etc. – are bound to be rather less shared by patients with the world at large. The Hospital is a uniquely private and confidential institution. It may be the case that, “[I]ndividual inquiries would be required to determine if class members were in fact embarrassed or humiliated by the disclosure of the fact that they were, for example, patrons of Casino Rama”: Kaplan, supra, para 80. But the Hospital, with its mandate to keep health records private and safe, is in an objectively different category.

[67]           Furthermore, the fleeting nature of Ms. Demme’s access to each class member’s data can be overemphasized. The consequence of this would be to unduly minimize the intrusion. As a first principle in this and related fields, the Supreme Court has commented that, “Interference with freedom of movement, just like invasion of privacy, must not be trivialized”: Kosian v Société de transport de Montréal, 2019 SCC 59, para 139. While the duration of each improper access of health data is a relevant consideration in assessing the offensiveness of the invasion, it must also be kept in mind that “the nature and quality of the information at issue are relevant”: Jarvis, para 66.

[68]           It must also be kept in mind that physical injury or monetary loss is not a necessary ingredient for liability under inclusion against seclusion. Every member of the class has suffered the same loss – a loss of control over their private information. As the Court noted in Jarvis, para 134, quoting A.F. Westin, Privacy and Freedom (1970), p. 7, privacy is “the claim of persons to ‘determine for themselves when, how, and to what extent information about them is communicated to others’”. The intrusion – the loss of control – is its own harm.

[69]           All of which returns the analysis to the “highly offensive” question: would “[a]ny person in [the Plaintiff’s] position…be profoundly disturbed by the significant intrusion into her highly personal information”? Jones, para 69. Counsel for the Hospital submits that the evidence of disturbance by potential class members is either not credible or greatly inflated. He emphasizes that years went by before any of the class members became aware of the misuse of their health records, and there is precious little evidence of any of them suffering harm or being any worse for the misuse. From the Hospital’s point of view, to discover that up to 9 years ago someone at the Hospital improperly accessed your medical file for their own reasons for a moment or two, but there have been no ramifications of that access for you during all of these years, meets no one’s definition of “highly offensive”.

[70]           On the other hand, it is to be kept in mind that “[p]rivacy is not an ‘all-or-nothing’ concept”: Jarvis, para 29. Accordingly, different privacy contexts when breached may lead to different legal consequences.

[71]           In Jones, for example, it was all but presumed that unauthorized or unconsented to access to this type of personal information was highly offensive. At para 72, Sharpe J.A. paired health data with financial data as the paradigmatic cases of information in need of protection: “[I]t is only intrusions into matters such as one’s financial or health records…that, viewed objectively on the reasonable person standard, can be described as highly offensive.”

[72]           The present case poses an example at one far end of the spectrum spanning the kinds of intrusions into privacy that the Court of Appeal discussed in Jones. While any intrusion – even a very small one – into a realm as protected as private health information may be considered highly offensive and therefore actionable, the facts do not exactly “cry out for a remedy”: Ibid., para 69. Rather, while one might be disturbed by the “intrusion into…highly personal information… damages for intrusion upon seclusion…should be modest”: Ibid., 69 and 87.

[73]           Given the minute size of the infringement, the damages may also be quite minute. While it is important to fashion a remedy which is “sufficient to mark the wrong that has been done”, ibid., para 87, that does not speak to a substantial sum where the aggrieved party or parties are only notionally harmed. Indeed, it may take very little to symbolically mark a wrong of this nature.

[74]           The Court of Appeal in Jones, para 87, has identified a number of factors relevant to the assessment of damages in privacy cases not resulting in pecuniary loss:

(1) the nature, incidence and occasion of the defendant’s wrongful act; (2) the effect of the wrong on the plaintiff’s health, welfare, social, business or financial position; (3) any relationship, whether domestic or otherwise, between the parties; (4) any distress, annoyance or embarrassment suffered by the plaintiff arising from the wrong; and (5) the conduct of the parties, both before and after the wrong, including any apology or offer of amends made by the defendant.

[75]           What is at stake here are Ms. Demme’s repeated but fleeting wrongful acts. These intrusions into patient files exploited randomly selected nurse-patient relationships, but were not intended to produce, and seemingly did not produce, any discernable effect on the class.

[76]           Ms. Demme has admitted her wrongdoing and been criminally punished and professionally sanctioned for her misdeeds. The Hospital has acknowledged its own supervisory and safety failings in respect of its personnel and drug protocols. As a result of the investigation and discovery of Ms. Demme’s protracted series of medication thefts, the Hospital has been subjected to regulatory review by the Ministry of Health. It has consequently engaged in internal remedial measures and modified its beheviour to prevent a recurrence of this type of illegal activity by its staff.

[77]           The factors discussed in Jones have therefore been all but addressed prior to any consideration of a civil remedy. While this motion is not the forum to actually quantify damages, it stands to reason that the appropriate amount per class member might be a small one – perhaps significantly less than the $10,000 awarded in Jones where there were multiple, protracted invasions specifically targeting the plaintiff’s own information in order to use it against her.

[78]           Ontario cases have in the past awarded nominal amounts for notional invasions of privacy causing no observable harm: see Saccone v Orr (1981), 1981 CanLII 1708 (ON SC), 34 OR (2d) 317 (Ont SC); Provincial Partitions Inc. v Ashcor Inplant Structures Ltd.1993 CanLII 5579 (ON SC), [1993] OJ No 4685 (Gen Div). While I do not intend to engage in an in-depth analysis of the damages claim, if liability is found at trial the judge considering the damages claim will doubtless want to review these cases with care.

[79]           In any case, the Jones reasoning supports the proposition that an infringement of privacy can be “highly offensive” without being otherwise harmful in the sense of leading to substantial damages. The offensiveness is based on the nature of the privacy interest infringed, and not on the magnitude of the infringement.

[80]           Accordingly, the intrusion upon seclusion claim as pleaded is a viable cause of action that satisfies the requirement for certification under section 5(1)(a) of the CPA.

VI.       Cause of action - negligence

[81]           The Plaintiff has also brought a claim in negligence against both Defendants. Several of the proposed common issues address duty of care and standard of care, and so are aimed at establishing some of the ingredients of negligence with respect to all class members.

[82]           Given that the class members were all patients in the same medical facility, the duty and standard questions can readily be answered on a class-wide basis. The class members were all similarly situated vis-à-vis the Defendants. If a duty is or is not owed to one it is or is not owed to all, and if the requisite standards were or were not met for one they were or were not met for all.

[83]           It must be kept in mind that the negligence alleged against the Defendants is not negligent medical practice. The Plaintiff does not claim that she or the class members received sub-standard medical treatment. Rather, the alleged negligence is in respect of the failure to safeguard the class members’ private health information. As the Hospital’s counsel has pointed out, a number of the Plaintiff’s factual allegations also point to a negligence claim of failure to implement an effective narcotic control system.

[84]             Given that the Defendants have admitted the improper conduct by Ms. Demme and the failure to have safeguarded against this conduct, the answer to the duty and standard of care questions are obvious. That said, they do virtually nothing to advance the Plaintiff’s claim.

[85]           By her own admission, the Plaintiff suffered no actual damage beyond the fact of the invasion of her private health information. The affidavit of Ms. Ford on behalf of the Hospital explains that the records show that the Plaintiff, Ms. Stewart, attended diagnostic imaging at the Hospital on December 5, 2016. No medication was prescribed or administered to her, and no medication profile was created for her. Ms. Demme withdrew two tablets of Percocet under Ms. Stewart’s name using the ADU. This withdrawal was not recorded in Ms. Stewart’s file and had no impact on her treatment at the Hospital or otherwise.

[86]           As indicated in the section above, the invasion of privacy is itself a form of harm. But it is not the type of harm that suffices for a negligence claim. Unlike intrusion against seclusion, which is one of the few areas of tort law allowing for “symbolic” or “moral damages”, Jones, para 75, negligence liability requires that actual harm be manifest and caused by the wrong.

[87]           Plaintiff’s counsel has couched the damages portion of the negligence claim in terms of inconvenience, discomfort and distress caused to the class members by the loss of their privacy. The Supreme Court of Canada has established, however, that damages for “upset, disgust, anxiety, agitation or other mental states that fall short of injury” do not constitute compensable damages in a negligence claim: Mustapha v Culligan of Canada Ltd., 2008 SCC 27 (CanLII), [2008] 2 SCR 114, para 9.

[88]           There is little doubt that the Defendants breached duties and standards applicable to a health care facility and its professional staff. At the same time, there is no evidence that those breaches caused actual harm – i.e. physical or psychological damage, as opposed to mere psychological upset: Ibid., paras 8-9.

[89]           In a phrase that rings true for Anglo-Canadian tort law as much as for its American counterpart, Justice Cardozo famously observed that, “Proof of negligence in the air, so to speak, will not do”: Palsgraf v Long Island Railroad Co., 248 NY 339, 162 NE 99 (1928). Negligence liability does not punish wrongs without being linked to the vindication of rights. For that reason, there must be actual harm caused to the claimant.

[90]           It is not sufficient to sustain an action in negligence that the Defendants acted in a substandard manner and in breach of duty. While other cases have been certified by this court where negligence is pleaded in conjunction with intrusion upon seclusion, in those cases “[e]ach of the elements [of negligence] – duty and breach of care, causation and legally compensable loss – has been pleaded in detail”: Grossman, supra, para 22; see also Evans, supra, paras 2, 31.

[91]           In Ms. Stewart’s case, while some of those ingredients may be present, they did not lead to the type of material loss that is legally compensable. The Court of Appeal and the Supreme Court of Canada have characterized Ms. Stewart’s type of damage claim as raising at most a “transient upset”, after which, as they put it, “Life goes on”: Mustapha, para 9, quoting Vanek v Great Atlantic & Pacific Co. of Canada (1999), 1999 CanLII 2863 (ON CA), 48 OR (3d) 228, para 60 (Ont CA). That type of transient upset is not actionable in negligence.

[92]           I note that the Plaintiff’s proposed common issues addressing negligence do not address the crucial question of causation. The reason for that is that there is no credible evidence that harm has been caused on anything resembling a class-wide basis. 

[93]           It may be, of course, that of the 11,358 known class members, there exists a number with evidence that they were harmed by Ms. Demme’s and the Hospital’s conduct in a way that is recognized by the law of negligence. But that would require mini-trials that would be every bit as complicated as a full negligence trial. As indicated, the duty and standard of care questions are easy to answer; it is the causation and damages questions that are entirely elusive here.

[94]           Accordingly, there is insufficient evidence of a viable cause of action in negligence, at least on a class-wide basis. I would not certify any common issues based on that claim. Class members such as Ms. Corbeil, whose case is discussed in part II above, who allege they were physically or psychologically harmed by the Defendants’ actions, are free to bring those claims on an individual basis.

VII.    Common issues

[95]           The proposed common issues, eliminating those geared specifically toward a negligence claim, are as follows:

         Do the actions of Ms. Demme constitute intentional or reckless intrusion upon seclusion that would be highly offensive causing distress, humiliation or anguish to a reasonable person?

         Is the Hospital vicariously liable for the intrusion upon seclusion committed by its employee, Ms. Demme?

         To what damages are the class members entitled?

         Are the class members entitled to punitive or aggravated damages, and, if so, in what amount?

         Can the class members’ damages be assessed in whole or in part in the aggregate, and if so, what is the quantum of the aggregate damages?

[96]           It appears to me that all 5 questions are rationally related to the claim, although only for the first three and the 5th question is there a realistic prospect that they will ultimately be significant to the claim. For reasons discussed briefly below, the 4th question is in a slightly different category.

[97]           The first question asks about Ms. Demme’s actions and the tort of intrusion against seclusion discussed in part V above. The question of liability under this tort is the central issue raised by the claim and is certainly amenable to resolution on a class-wide basis.

[98]           The second question relates to the same conduct by Ms. Demme, but asks about the Hospital’s vicarious liability for that conduct. It is undisputed that Ms. Demme was the Hospital’s employee at all relevant times. The question for the common issues trial will be whether the Hospital’s “enterprise and empowerment of the employee materially increased the risk of the [wrongdoing] and hence the harm”: Bazley v Curry, 1999 CanLII 692 (SCC), [1999] 2 SCR 534, para 46

[99]           As the Supreme Court has indicated, the test for vicarious liability is not to be applied mechanically. Rather, the evidence is to be analyzed with the policy goals of vicarious liability in mind – i.e. “fair compensation and deterrence”: Ibid., para 45.  This approach will require the common issues trial to consider evidence of Ms. Demme’s specific duties as a nurse at the Hospital. The objective of the trial judge in this respect will be to “determine whether they gave rise to special opportunities for wrongdoing”: Ibid., para 46.

[100]      The third question addresses compensatory damages. It relates to both direct liability of Ms. Demme and to vicarious liability of the Hospital, both of which are part of the common issues analysis. There is no reason that the damages analysis that accompanies those issues should not equally be addressed as part of the common issues.

[101]      Addressing the fifth question out of sequence, it seems to me that if damages are to be awarded for intrusion upon seclusion this case presents an ideal case for them to be calculated on an aggregate basis. The only potentially significant difference among the class members in terms of the symbolic or moral value of the damages they may be awarded is between the two sub-classes. That is, a trial judge may want to consider whether Ms. Demme’s improper access to the actual files of patients within her own care or in her own unit of the Hospital deserves different treatment in terms of damages than does her improper access to randomly selected digital files appearing on a list on the ADU screen. 

[102]      The CPA specifically authorizes the award of damages on an aggregate basis under certain circumstances. Section 24(1) provides that aggregate damages are available where: “(a) monetary relief is claimed on behalf of some or all class members; (b) no questions of fact or law other than those relating to the assessment of monetary relief remain to be determined in order to establish the amount of the defendant’s monetary liability; and (c) the aggregate or part of the defendant’s liability to some or all class members can reasonably be determined without proof by individual class members.”

[103]      The case at bar seems ideally suited for such a determination either for the class overall or for each of the two sub-classes. As in other cases where an aggregate damages approach has been adopted, the non-individualized evidence presented by the Plaintiff is likely to be applicable and reliable for the class as a whole: see Ramdath v George Brown College of Applied Arts and Technology2015 ONCA 921, para 76. The Court of Appeal has emphasized that individualized damages assessments can be dispensed with in favour of an aggregate approach where “the collective nature of the class members’…claim drives the aggregate damages analysis”: Trillium Motor World Ltd. v Cassels Brock & Blackwell LLP, 2017 ONCA 544, para 382.

[104]      The fourth question, dealing with punitive or aggravated damages appears at this stage to be unsuited to the evidence in this case. I have already indicated that the harm, if any, appears to be so minimal on an individual basis that this may be a case for nominal damages. Although different evidence may emerge at the common issues trial, the evidence at this juncture indicates that each of the class members, or each of the two sub-class members, has suffered in the identically minimal way. Further, there have already been serious criminal and regulatory sanctions imposed on the Defendants, leading to substantial behavior modification.

[105]      For these reasons, neither punitive nor aggravated damages seem to be relevant.

[106]      Having said that, the judge hearing the common issues trial will have all of the evidence at their disposal and will be in a better position to make a conclusive determination in this regard. Once the claim is certified, there may be new class members coming forward, or there may be new evidence about Ms. Demme’s and/or the Hospital’s conduct. I would not want to preclude the questions of punitive or aggravated damages without hearing all of the evidence adduced at trial. I therefore see some merit in leaving these questions to the trial judge.

[107]      Accordingly, the 5 questions listed above all appear suitable to being answered on a class-wide basis. They satisfy the common issues requirement in section 5(1)(c) of the CPA.

VII.    Representative plaintiff

[108]      The current Plaintiff, Penny Stewart, seeks to retire from her position as representative Plaintiff. Counsel for the Plaintiff has proposed another class member, Chad Letourneau, to fill the role of representative Plaintiff. Mr. Letourneau is apparently prepared to accept this position if approved by the court.

[109]      Ms. Stewart and Mr. Letourneau were both patients of the Hospital during the time of Ms. Demme’s wrongful conduct, and both received the April 2017 letter from the Hospital. They are both class members, although they would each fit into different subclasses. Ms. Stewart was not a patient of Ms. Demme’s or of the day surgery unit during her stay at the Hospital, while Mr. Letourneau was a day surgery patient and was within Ms. Demme’s circle of care.

[110]      There is no reason that each of the subclasses requires a separate representative Plaintiff. Subclasses only require separate plaintiffs in the event that one cannot fairly or adequately represent the interests of the other subclass: Campbell v Flexwatt Corp., 1997 CanLII 4111, para 42 (BCCA). The mere fact that their claims are different does not in itself disqualify a representative Plaintiff from acting for the entire class, including a subclass to which that Plaintiff does not herself belong.

[111]      That said, the representative Plaintiff must have the motivation, capacity, and understanding to represent the class in the first place. In considering this question, a court need not aspire to appoint a claimant who is “’typical’ of the class, nor the ‘best’ possible representative”, but it may look to, inter alia, whether “the proposed representative will vigorously and capably prosecute the interests of the class”: Western Canadian Shopping Centres Inc. v Dutton, 2001 SCC 46 (CanLII), [2001] 2 SCR 534, para 41

[112]      There is considerable evidence suggesting that Mr. Letourneau does not meet this test. He has indicated that he has serious health issues which, while not automatically disqualifying a representative Plaintiff – this is, after all, a suit by patients of a medical facility – may impede his ability to carry out the functions required of him. Mr. Letourneau concedes that he has not read and knows precious little about the litigation plan proposed on his behalf. More importantly, his affidavit describing his own experience at the Hospital is riddled with errors. He indicates that he suffered pain after his surgery and blames Ms. Demme’s actions for having deprived him of the Percocet he says he required, but his medical file does not indicate that he was ever supposed to get that medication.  

[113]      At his cross-examination, Mr. Letourneau indicated that he has memory problems, that he suffers ongoing pain, and that he has a hard time concentrating. He also testified that when he was discharged from the Hospital he was so highly dosed with pain killers that he could not drive himself home. This is diametrically opposed to his affidavit, in which he deposed that he was deprived of any pain killers upon discharge from the Hospital and was in pain. When asked about this he conceded that he had sufficient pain killers when he left the Hospital, and that what he received upon discharge was more than enough to deal with the after effects of his short, 1-hour day surgery.

[114]      In general, Mr. Letourneau’s evidence demonstrates a substantial degree of confusion about his own condition and the parameters of the action against the Defendants. It also reflects a level of non-engagement with the claim or with instructing counsel that is not appropriate for a representative Plaintiff. If Mr. Letourneau were to be named as the representative of the class, the solicitor-client relationship would potentially be skewed. That is, it would likely be class counsel instructing Mr. Letourneau, and not the other way around.

[115]      I find that although Mr. Letourneau is a member of the class and has every right to pursue a claim in that capacity, he is not qualified to be representative Plaintiff. To this extent, the requirement in section 5(1)(e)(i) of the CPA that there be a representative Plaintiff who would fairly and adequately represent the interests of the class is not satisfied.

[116]      I have been advised that Ms. Stewart has or is about to resign from her role as representative Plaintiff. In that case, there is no need to fully consider whether she is qualified to remain in that capacity. I note in passing, however, that there is no evidence calling into question her memory or ability to engage with the action similar to that with respect to Mr. Letourneau. I am satisfied that Ms. Stewart may remain in a caretaker role as representative Plaintiff pending the approval of another class member to take her place.

VIII.    Summary judgment

[117]      As indicated at the outset, the Defendants seek to dismiss the claim under Rule 20.01 on the grounds that there is no viable cause of action and therefore no need for a trial. I have already indicated that there is sufficient evidence to warrant a trial on the issue of intrusion against seclusion. To that end, I have authorized common issues addressing both direct liability and vicarious liability. Those claims cannot be dismissed at this stage, and so the summary judgment motions of both Defendants fail in that respect.

[118]      The negligence claim is a different matter. Perell J. noted in Fehr v Sun Life Assurance Co., 2014 ONSC 2183, para 65, that summary judgment is often brought together with a defense to certification in class actions in order not to “tease” class members about the prospect of a good certified action. That is an important consideration, given that judicial economy is one of the goals of class actions. There is no point certifying issues that are doomed to fail on the merits.

[119]      As discussed in part VI above, Ms. Stewart has no evidence that the actions of Ms. Demme in accessing her file caused her harm that is actionable in negligence. Ms. Stewart herself concedes that she suffered no harm or damage other than the intrusion against seclusion itself.

[120]      Accordingly, it is not only that the negligence claim advanced in the pleading cannot be certified under section 5(1)(a) of the CPA, but it must necessarily fail. Ms. Stewart’s claim in this respect is as straightforward and clear as could be. Insofar as a negligence claim against either of the Defendants is concerned, there is no issue requiring a trial and the claim should be dismissed: Hryniak v Mauldin, 2014 SCC 7, [2014] 1 SCR 87, para 93.

[121]      Having said that, I am cognizant that this amounts to partial summary judgment and that the Court of Appeal has admonished against that kind of partial remedy in certain contexts. In Butera v Chown, Cairns LLP (2017), 2017 ONCA 783 (CanLII), 137 OR (3d) 561, para. 34, Pepall JA warned that partial summary judgment may give rise to a potential for conflicting findings by a trial court down the road:

A motion for partial summary judgment should be considered to be a rare procedure that is reserved for an issue or issues that may be readily bifurcated from those in the main action and that may be dealt with expeditiously and in a cost effective manner.

[122]      The question in any given case is whether the liability claim under one heading can be cleanly bifurcated from the other liability claims contained in the pleading. As the Court of Appeal put it in Mason v Perras Mongenais, 2018 ONCA 978, para 23, is the impugned claim – here, the negligence claim – “inextricably linked” to the balance of the claim?

[123]      The danger of partial summary judgment is that the judge hearing the motion to dismiss might conclude one way, while a judge hearing the trial might conclude the other way. But that danger is not present in every case where partial summary judgment is sought. In Hryniak, the Court noted, at para 60, that there are times when “the resolution of an important claim against a key party could significantly advance access to justice, and be the most proportionate, timely and cost effective approach.”

[124]      In the present case, liability for negligence is not inextricably linked to the balance of the claim for intrusion against seclusion. Negligence requires more than does the intrusion tort, and the causation and loss parts of the analysis that are absent in Ms. Stewart’s evidence will not be considered in the trial of the intrusion against seclusion claim. There is no danger, therefore, that the trial judge will have “a fuller appreciation of the relationships and the transactional context than the motions judge”: Baywood Homes Partnership v Haditaghi, 2014 ONCA 450, para 37.

[125]      I am satisfied that the two distinctive torts pleaded in this claim – intrusion against seclusion and negligence – can “readily be bifurcated without causing overlap that could lead to inefficient duplication or a material risk of inconsistent findings or outcomes”: Service Mold + Aerospace Inc. v Khalaf, 2019 ONCA 369, para 14.

[126]      As already indicated, the negligence claim is not amenable to being answered on a class-wide basis and has been eliminated from the common issues proposed for certification. The present analysis, therefore, pertains to Ms. Stewart’s claim alone and does not bind any other claimant. Any class member is entitled to bring an individual claim based on negligence if they believe they have grounds to make that claim or to distinguish their case from that of Ms. Stewart.

[127]      Summary judgment shall flow with respect to the Plaintiff’s negligence claim alone.

IX.       Disposition

[128]      The action is hereby certified as a class action under the CPA. Plaintiff’s counsel are appointed as class counsel.

[129]      The class is defined as set out in para 33 above, to be divided into two subclasses as described in paras 9 and 35 above. The 5 common issues are as set out in para 95 above.

[130]      Summary judgment in favour of the Defendants is granted in respect of the Plaintiff’s claims in negligence. Those claims are dismissed. The Defendants’ motion for summary judgment is dismissed in all other respects. The balance of the Plaintiff’s action other than the negligence claims remains intact.

[131]      The Plaintiff’s motion to appoint Mr. Letourneau as representative Plaintiff is dismissed. Plaintiff’s counsel shall have 60 days to nominate a new class representative. To the extent that Plaintiff’s counsel require it in identifying a potential representative Plaintiff, the Hospital’s counsel shall provide Plaintiff’s counsel with the names and contact information for all patients and former patients of the Hospital who received the April 2017 letter advising them of the improper accessing of their records.

[132]      Counsel may make submissions in writing with respect to costs. I would ask all parties to send their submissions to my assistant (and to each other) by email within 2 weeks of today, and any responding submissions to be sent within a week thereafter. I would also request that the submissions be no more than 3 pages in length plus a Bill of Costs, and that responding submissions be no more than 2 pages.

 

 


Morgan J.

Date: January 6, 2020