Free Newsletter
Company admits it diverted private patient records to law firms
washingtonpost//March 19, 2026//
Summary:
- GuardDog Telehealth admitted to diverting patient records to law firms in a lawsuit by Epic Systems.
- The records were taken from Reid Hospital & Health Care Services, Trinity Health, and UMass Memorial Health Care.
- Epic Systems filed the lawsuit alleging improper access and sale of patient records to lawyers for litigation.
- GuardDog settled the case in U.S. District Court in California on March 13, 2024.
A health technology company has admitted it built a business on scooping digital medical records of individual patients from multiple health systems and distributing the information to law firms, according to court documents.
The admission by GuardDog Telehealth came in response to a lawsuit brought by Epic Systems, the nation’s largest vendor of electronic medical records software. In January, Epic alleged that a “syndicate” of companies had improperly gained access to patient records and was selling them to lawyers for potential use in litigation.
The case is important because it sheds light on the value of patient records in the commercial marketplace and the potential points of failure for hospitals, doctors and network operators who are charged with keeping them safe. Epic noticed in the fall of 2022 that law firms appeared to have access to patient records.
GuardDog is the first of the several companies being sued to reach an agreement with Epic in the case filed in U.S. District Court in California. Epic called the agreement, entered on March 13, “a step forward for patient privacy.”
The “stipulated judgment” says GuardDog may have scooped up records at Reid Hospital & Health Care Services, a health system in Ohio and Indiana; Trinity Health, which has providers in 25 states; and UMass Memorial Health Care, which operates in central Massachusetts. Each of those systems is an Epic customer. In all, Epic has said in its lawsuit that GuardDog was responsible for 6,000 of a total of 300,000 records improperly taken by various companies without patient consent.
GuardDog represented itself as having legitimate health care reasons to access patient records on the digital highway that connects medical networks, according to the agreement, but its business “instead focused on requesting, reviewing, and summarizing medical records, and providing those medical records to law firms.”
GuardDog Telehealth is listed in business records as having an address in Lindale, Texas. The court documents say its predecessor corporation is Critical Care Nurse Consulting, which is operated by Keli Heskett, who says on a professional website that she also is co-founder of Mass Tort Medical Consultants. Heskett did not respond to a request for a phone interview.
In a statement, GuardDog said it “has always maintained that it acted in good faith, with the goal of supporting patient care to the best of its abilities, whether its patients were involved with the justice system or not.”
The agreement with Epic says that GuardDog believed that another defendant in Epic’s lawsuit, Health Gorilla, which serves as a gatekeeper for digital health networks that share access to patient data, was aware of GuardDog’s activities. Epic has taken aim at Health Gorilla, alleging that it is “in league with its connections’ misuse of health information as a commodity.”
Health Gorilla blasted Epic in a statement, calling its agreement with GuardDog “incomplete at best and misleading at worst.”
It said it can prove that GuardDog never informed Health Gorilla it was using patient data for nonmedical purposes.
“Epic’s lawsuit remains an attack on interoperability that threatens patient safety and efficient healthcare nationwide, made worse by misleading submissions like its agreement with GuardDog,” Health Gorilla said.
Related Articles
Related Content
Top Legal News
- Elon Musk’s X loses Australia child protection compliance lawsuit
- Why North Carolina Lawyers Weekly is proud to endorse Best Places to Work in Law Firms
- Attorneys navigate increase in challenging UTV & ATV crashes
- Non-citizens face more scrutiny on bank activities after Trump order
- AG Jackson sues to protect federal loan access for healthcare students
- Forfeiture mandatory after money laundering convictions
- Prior consensual misconduct by officers not enough to put town on notice of sexual assault risk
- US Supreme Court rebuffs pharma challenge to Biden-era drug price
- ‘AI won’t take your job’ and other things CEOs say before the layoffs
- Trump dismisses lawsuit against IRS, court filing shows
- NC takes statewide approach to domestic violence prevention with new review collective
Commentary
- ‘AI won’t take your job’ and other things CEOs say before the layoffs
- When not to believe (your lyin’ eyes)
- Conduct a technology audit to improve law firm efficiency
- When the client brings ChatGPT to the consultation
- Content Marketing: Where law firms lose referrals and how to prevent it
- Your best people are not leaving for more money — they are leaving because you stopped paying attention
- Best at Work Insights: The choice we’re making about AI
- New life for the noncompete
- 2026: The year of tech, both heroes and villains
- Beyond burnout: The case for workplaces where people thrive
- The December question every leader should anticipate
- How do parent corporations deal with Workers’ Compensation?
