Health care provider boards of directors have been put on notice—given these two recent Delaware court decisions – Clovis and Marchand—that courts may be willing to significantly extend a corporate board’s Caremark duty to monitor.
When read together, the Clovis and Marchand decisions suggest that corporate directors could face an increased risk of shareholders’ lawsuits and/or personal liability whenever the corporation suffers damage from a violation of law or other material risk area.
In light of the changes invoked by the above referenced decisions, the following are a number of key takeaways for health care provider directors and officers.
The risk of personal liability for corporate directors increases substantially when comprehensive laws and externally imposed regulations govern a corporation’s mission critical operations. In Clovis, the Delaware Chancery Court permitted a lawsuit to proceed against the directors of a biopharmaceutical start-up alleging that the directors consciously and repeatedly failed to monitor the company’s compliance with regulatory mandates in connection with the “mission critical” clinical trial of the company’s developmental cancer drug. In Marchand, the Delaware Supreme Court permitted a lawsuit to proceed against the board of Blue Bell Creameries, a privately held ice cream maker, for breach of duty of loyalty and bad faith for failure to provide adequate oversight of food safety and associated regulatory compliance risks. The analogy to health systems and other providers, such as home health and hospice organizations, long-term care and behavioral health facilities, appears apt given their missions of providing good quality clinical care while protecting the health and safety of their patients, as well as the fiscal safety of the organizations, in a highly regulated environment.
Note: while many health care organizations may have not-for-profit status and, thus, lack “shareholders,” personal liability for directors may still apply and attach. For example, bondholders whose investments are damaged could assert these Marchand and Clovis theories for purposes of recovery. Moreover, and while not certain, state Attorneys General, asserting charitable doctrine authority, may try to adopt the posture of a “shareholder” under the positions espoused in the above-referenced cases.
- The Delaware courts now expect directors operating in highly regulated environments to exercise their oversight functions more rigorously regarding legal and regulatory compliance risks. Under Clovis and Marchand, the environments at issue were those of pharmaceutical testing and food manufacturing. For reference, the Food and Drug Administration provides and enforces numerous, strict regulations pertaining to both of those environments. The extension of Clovis and Marchand to health care, where providers are regulated by the Centers for Medicare and Medicaid Services (a component of the same federal agency as the FDA), state departments of health and various licensing and registration agencies, would not seem a stretch.
- Through Clovis and Marchand, the Delaware courts have demonstrated a recent willingness to allow failure of duty of oversight claims to survive the pleadings stage. Prior to Clovis and Marchand, claims under Caremark based on failure of duty of oversight were among the most difficult legal theories upon which a plaintiff might hope to prevail. Claims of director liability for corporate loss founded on a lack of oversight were generally only considered sufficient to proceed to trial if there was sustained or systemic failure of the board to exercise oversight. This shift might challenge the ability of directors to successfully defend against Caremark claims in the future.
- The Clovis and Marchand decisions pinpoint examples of director actions that may be deemed to constitute failures of the duty of oversight. In Clovis, the board allegedly received reports indicating that the company was improperly conducting clinical trials in a way that failed to adhere to clinical trial protocols, yet the board did not act to correct the situation. The Delaware Chancery Court stated that: “[T]he Board ignored red flags that the Company was violating—perhaps consciously violating—the [clinical trial] protocol and then misleading the market and regulators regarding [the drug’s] progress through the trial.” The Clovis court has made it clear that a lack of action, despite receiving information of a lack of compliance, can be a basis of a failure of the duty of oversight. In Marchand, the Delaware Supreme Court held that the plaintiffs alleged sufficient particularized facts to conclude that the Blue Bell board failed to implement any system to monitor food safety risk. The Court stated that a board’s “utter failure to attempt to assure a reasonable information reporting system exists is an act of bad faith and breach of a duty of loyalty.” Boards are well advised to ensure that risk-monitoring systems are established, identified issues are addressed, and that protocols implemented under those systems are executed and followed.
- The Clovis and Marchand courts have additionally given relevant warnings for corporate directors. In Clovis, Vice Chancellor Joseph R. Slights III suggested that Delaware courts are more inclined to find Caremark oversight liability for directors when the company operates in the midst of obligations imposed upon it by positive laws yet fails to implement compliance systems, or fails to monitor existing compliance systems, such that a violation of law and resulting liability occurs. The Marchand court admonished the board in question to implement formal protocols requiring senior management to promptly advise the directors regarding indications of potential problems related to substantial risk areas.
What Should You Do Now?
In highly regulated industries, such as health care, counsel and boards of directors are encouraged to understand, with particularity, the sorts of risks to which the organization may be subject and examine overall board structure and expertise to monitor and address or correct such risks.
- A health care organization’s counsel and board should periodically review relevant, material internal and external risks to which the organization could be subject. Under Marchand boards are well advised to establish a regular schedule, such as quarterly or biannually, for the full board to examine and discuss risk and compliance. These full board discussions may, and perhaps should, occur during a portion of the board’s meetings each year. Such discussions should be specifically devoted to legal and regulatory compliance matters, including relevant risks and reports.
- Boards should also examine the expertise existing on the board to deal with relevant risk and interface with counsel and senior management. If relevant expertise does not reside on the board, consider what other sources, such as outside counsel, consultants, etc. might be appropriate to advise the board on such risks.
- Counsel and boards should consider whether or not there is an appropriate committee structure to monitor, review, and manage risk and, if not, consider appointing one or more such committees. The Marchand court noted that one board-level procedural safeguard would be to appoint a committee specifically charged with providing general compliance oversight. Such a committee should develop and oversee the effectiveness of the company’s legal and regulatory compliance matters.
- Directors, and their counsel, are well advised to re-examine their corporate information reporting systems. Specifically, such systems should be reasonably designed to provide the board with timely, accurate information sufficient to allow the board to reach informed judgments concerning the corporation’s compliance with laws and business performance. Regular processes or protocols should require officers, especially senior management, to keep the board apprised of compliance practices and related risks and reports.
- Corporate secretaries should endeavor to provide board agendas and minutes that clearly document the board’s risk management and legal compliance oversight efforts. Such documentation is vital for defense in the event a shareholder claims a failure to monitor. The boards in both Clovis and Marchand were unable to rely on board agendas and minutes to support that they were timely aware of and/or adequately addressing the underlying compliance risks that were developing.