Software QA FYI - SQAFYI

Software Testing - Computer Malpractice

By: Pod One

Introduction: Definition of computer malpractice
A malpractice suit involves professional negligence. Computer malpractice involves professional negligence when providing computer-related services. In any negligence suit, the plaintiff must prove:

* Duty. If you provide services to someone, you have a legal responsibility (a duty) to exercise reasonable care in providing the services. For example, if you provide consulting services, your duty is to take reasonable care to provide good advice. If you provide data backup and archiving services, your duty is to take reasonable measures to ensure that you copy the right data and that you keep it safe.1

* Negligent breach of the duty. If you gave bad advice, you might or might not have been negligent. To prove negligence, the plaintiff has to show that no reasonable person in your situation would have given the advice that you gave. Similarly, if a data archiving service loses its client's data, it has probably committed a breach of contract, but it might or might not have committed negligence. To prove negligence, the plaintiff would have to prove that the service didn't take reasonable measures to safeguard the data.

Consider this example of software support advice. People call you when they have problems running their software. One day, you advise a caller that her problems come from an insufficiently-compatible video card. Actually, the caller has set one of the program's display options incorrectly and replacing the video card won't help. Have you committed negligence? Maybe. We can't tell, just based on these facts, because we don't know what a reasonable support advisor would have done.

Let's add three facts. First, suppose that you have a database of common problems and this problem was in the database. Second, suppose that the caller's description was specific enough that you would have easily found the problem (and the solution) in the database if you looked. Third, suppose that most software support providers would have used this database if they had it. This last point establishes a standard of care - most support advisors would have checked the database. If you don't check the database, and you provide expensive bad advice, you can be accused of acting unreasonably.

* Prevailing standard of care. The fundamental difference between an ordinary suit for negligence and a suit for malpractice lies in the definition of the prevailing standard of care.2

If someone sues you for ordinary negligence, they will compare your behavior to what any reasonable person would have done under the circumstances.

If they sue for malpractice, they will compare your behavior to what a reasonable member of your profession would have done. Professional standards are much higher and much better documented. (For example, they might be written down in ANSI standards documents.) Therefore, if you act negligently in a professional capacity, it will be easier to prove your negligence by comparing you to other professionals than by comparing you to any reasonably bright and careful person who might undertake to provide the services that you provided.

In complex situations, different reasonable people will collect and evaluate information very differently. This makes the plaintiff's task difficult but the principle is the same. She'll have to show that you didn't approach the problem in any of the ways that reasonable people do, or that no reasonable person would have approached it in the way that you did.

Why does it matter if we can be sued for malpractice?

Software testers and programmers can be sued for negligence and for breach of contract, whether or not they can be sued for malpractice. 13 So why does it matter whether malpractice is a viable type of lawsuit? 14

Malpractice suits are more serious than suits for breach of contract or for simple negligence. The plaintiff enjoys several advantages in a malpractice suit, including these:

* A non-professional service provider's contract might limit the damages that it must pay the customer. The customer's losses might be much more than the limited amount of damages that the contract allows. These limits might be enforced in a simple negligence case, but they are rejected in malpractice suits because they are deemed to violate public policy.15 For example, as an attorney in California, I can be charged in a State Bar Court with violating the profession's Code of Professional Responsibility if I even attempt to put a clause in a contract of representation of a client that limits my liability for malpractice.

* Malpractice lawsuits sometimes provide plaintiffs with procedural benefits. For example, the plaintiff might be able to file the suit after it is too late to file a negligence or contract suit, or in a different State, or under a different State's laws. The plaintiff might also be able to avoid an arbitration clause or certain defense arguments (such as comparative negligence) that might be available in negligence or contract suits.

* Professionals are held responsible for their advice under a broader range of circumstances. A paying customer might have a hard time proving that a non-professional consultant intended her to take the consultant's advice seriously and to follow it immediately. In contrast, as an attorney, I risk malpractice liability if I make a dumb suggestion to a non-paying stranger at a cocktail party.

* A malpractice plaintiff might also be more able to collect punitive damages.

Over the years, several people have advocated the licensing and professionalization of computer specialists. There are benefits to this, but we should approach this idea with open eyes. Becoming a professional carries significant additional legal responsibilities that are enforced by malpractice liability.

Full article...

Other Resource

... to read more articles, visit

Software Testing - Computer Malpractice