Vera Institute of Justice

The adversarial nature of the criminal justice system and the sensitive topics of suicide and self-harm will likely mean that there is at least initial resistance to the idea of an additional review process—particularly one that encourages a deep dive into an adverse event. Indeed, even as sentinel event reviews are supposed to be non-blaming and forward-looking, it is inevitable that concerns will be raised about the process and its outcomes. Three areas of concern are most relevant here: logistical, interactional, and structural challenges; confidentiality; and liability.

The presence of logistical, interactional, and structural challenges means the quality of reviews can vary widely, that many RCAs will be performed incorrectly or incompletely (and thus will not produce usable results), and that formulating corrective action plans can be difficult.⁵⁴ According to research and reports from NIJ beta sites, there are several examples for these challenges:

• Logistical: finding enough time to commit to the review process; ensuring the right people are at the table;
• Interactional: getting consistent buy-in and ongoing cooperation from the team; lack of honesty among participants; and
• Structural: overcoming adversarial stances between agencies; getting all the information to the table from various stakeholders; facing legal barriers to data confidentiality (described further below).⁵⁵

To ensure RCAs and sentinel event reviews are valuable and sustainable tools for promoting safety, such challenges should be considered and addressed. It is also important for correctional facilities undertaking a sentinel event review to have realistic expectations about the process, to develop clear goals, and to maintain confidence in the investment of time and resources.

Concerns about confidentiality may arise with respect to data sharing and the disclosure of confidential information. Review teams should therefore consider privacy and confidentiality implications of the sentinel event review process and consult relevant federal, state, and local laws as necessary. Questions that might be asked, for example, include:

• Data sharing: Will all team members have access to all documents? Can a thorough and credible review be completed if not? Is the Health Insurance Portability and Accountability Act of 1996 (HIPAA) a consideration here?
• Disclosure of confidential information: Can the review team’s documents be subpoenaed or discovered in a legal proceeding brought by a third party? 

Although a detailed legal analysis of the federal and state laws governing privacy and confidentiality is beyond the scope of this report, our broad analysis suggests that common concerns about the limitations imposed by HIPAA on information-sharing in the case of suicide and self-harm incidents are likely overstated. HIPAA gives fairly broad latitude for “covered entities”—health plans, health plan clearing houses, and health care providers who transmit health information in electronic form—to share information with correctional institutions if it is a) necessary for the health and safety of the individual or other people incarcerated in a facility or b) for the maintenance of safety, security, and good order of a facility.⁵⁶ Even so, correctional facilities may very well need to establish their own forms and practices to ensure team members understand the importance of protecting confidential information and team deliberations.⁵⁷ 

            Separate issues may arise with respect to voluntary or involuntary disclosure of confidential information: for example, documents produced in a sentinel event review may be available through a public records request or be discoverable in court action against a correctional facility or its employees. There are exemptions in most such public records request laws as well as certain protections against disclosure during discovery. However, the analysis of whether and how records can be disclosed will depend on the laws in force in a given jurisdiction, which are too varied to survey here. Agencies should understand their exposure on these fronts before beginning and include the likelihood of public disclosure as a risk of a sentinel event review. They should also, however, weigh this risk appropriately and consider whether the review poses disclosure risks beyond those the facility already faces in events of suicide and self-harm. Medical records, for example, are generally discoverable in the event of a lawsuit. For another example, in New York City and State, reviews mandated by independent oversight committees such as the State Commission of Corrections and the City Board of Corrections following a death in custody are also discoverable in legal proceedings related to the death.⁵⁸ Therefore, documents created during a sentinel event review are unlikely to lead to any additional exposure for a correctional facility and the cost of engaging in sentinel event review may be marginal.

Finally, correctional facilities will have to consider their legal liability not just for possible exposure of confidential information, but also for the actual event described in a sentinel event review. Does a sentinel event review, in and of itself, establish liability against a correctional facility or individual employees? Here again, it is important to use the liability inherent in incidents of suicide and self-harm as the scale against which the liability of the review is measured. Incidents of suicide and self-harm already draw scrutiny, because some legal precedents have established liability in certain cases. For example, New York’s highest court ruled that the state has a duty to take “reasonable steps” to prevent reasonably foreseeable harms to residents of correctional facilities, such as acts of violence by others held in detention.⁵⁹ In New York, jails and other custodial facilities have that same duty of care in the context of suicide.⁶⁰ Further, that duty is sustained where an institution or mental health professional with sufficient expertise to detect suicidal tendencies, and with “control necessary to care for the person’s well-being,” fails to take such steps.⁶¹ Although the boundaries of this duty of care is New York-specific, the special responsibilities inherent in custody (for correctional or mental health purposes) are likely to bring a similar duty to bear in other states, and possibly in federal courts as well. In Estelle v. Gamble, the U.S. Supreme Court set the duty’s minimum standard: that is, the “deliberate indifference by prison personnel to a prisoner's serious illness or injury” constitutes cruel and unusual punishment contravening the Eighth Amendment and creates liability under 42 U.S.C. § 1983, the federal statute barring deprivations of constitutional rights by state actors.⁶²

            According to one author, “No one in local criminal justice leadership would willingly expose his or her agency and its staff to aggravated financial liability or gratuitous public humiliation.” However, he also warns that liability concerns should not be overstated. He writes, “Criminal justice stakeholders who participated in the NIJ’s 2013 roundtable discussion and in other focus groups and forums seemed to agree that if you are going to be sued, then you are going to be sued, with or without a sentinel event review process."⁶³ As with concerns about confidentiality, the risks attendant on a sentinel event review should be taken seriously, but kept in proportion—both to the risks inherent in managing a correctional facility under any circumstance and to the risks that come with leaving problems undiscovered and unaddressed. If the core legal obligations set forth in an agency’s jurisdiction are to prevent reasonably foreseeable harms, broad practice of sentinel event reviews can be a double-edged sword: improving the agencies’ ability to prevent harm, while also potentially increasing the number of events agencies can reasonably foresee.⁶⁴

            Both edges of that sword, however, are not equally sharp; even in New York’s test, an agency that foresees harm is not liable if it takes reasonable steps to prevent the harm from coming to pass. This gets to the heart of any liability analysis done in anticipation of a review: it has to be considered in the context of the harm it studies and aims to prevent from recurring. In addition to their human toll, suicide and self-harm raise the specter of liability. Integrating and maintaining thoughtful reviews as part of regular agency practice shows, in itself, a lack of the “deliberate indifference” to harm cited by the Supreme Court. While liability is rarely the chief concern of a sentinel events review, the reality is that a sustained, conscientious review process may prevent harm from arising in the first place—and avoiding harm is the most surefire liability containment strategy of them all.