Mental Health Malpractice: Common Lawsuit Triggers and How to Protect Your Practice

Under the Tarasoff principle, clinicians may have a legal and ethical duty to breach confidentiality if a client poses a serious and imminent threat of harm to an identifiable person. This duty, often summarized as a "duty to warn" or "duty to protect," originates from the 1976 Tarasoff v. Regents of the University of California case and is now codified in many states.

Obligations may include warning the potential victim, notifying law enforcement, or taking other reasonable steps to prevent harm. However, laws vary by state: some mandate action, while others permit it. Clinicians should be familiar with their state’s laws and document all decisions carefully. Consulting with a supervisor or legal advisor is recommended in high-risk cases.

Tip: Laws regarding duty to warn and protect vary widely. Some states mandate it, others permit it, and a few offer no clear guidance. The Psych Law GAP resource provides an overview of the Tarasoff duty to warn/protect and specifically links to a detailed compilation of each state's relevant statutes and regulations as of February 2020, making it a reliable resource for state-by-state legal differences. The National Conference of State Legislatures (NCSL) also provides a concise summary and table of state-specific laws on the duty to warn and protect, highlighting where states have mandatory, permissive, or no explicit duty.

To reduce legal risk while treating clients with suicidal ideation or self-harming behaviors, clinicians should document thoroughly, follow clinical best practices, and take timely, appropriate action. Key strategies include:

• Use standardized risk assessment tools, such as the Columbia Suicide Severity Rating Scale (C-SSRS), and document both the results and your clinical interpretation.

• Create a collaborative safety plan when appropriate, and include it in the client’s record.

• Consult with supervisors or colleagues when facing uncertainty about risk level or next steps.

• Refer to higher levels of care or initiate emergency interventions when risk is imminent and beyond your scope.

• Document all actions taken, including client statements, safety planning, informed consent, referrals, and attempts to contact emergency contacts or crisis services.

Careful documentation is your strongest legal defense. If it’s not written down, it may not be considered to have happened in the eyes of an auditor, board, or court.

Medication errors, such as prescribing the wrong drug, dose, or failing to monitor side effects, can expose psychiatric clinicians to significant legal risk, including malpractice lawsuits, licensing board complaints, and even criminal charges in extreme cases.

Common legal claims involve:

• Failure to obtain a full medical or medication history

• Incorrect dosing or drug interactions

• Failure to monitor for adverse effects or suicidal ideation

• Lack of informed consent for medication risks

To reduce liability:

• Always document informed consent discussions, including risks, benefits, and alternatives.

• Use evidence-based prescribing guidelines and regularly monitor client response and lab work.

• Coordinate with primary care or other treating providers when appropriate.

• Review medication reconciliation at each visit, especially after hospital discharge.

Psychiatric medication errors are a leading source of malpractice claims involving patient harm, particularly when documentation is incomplete.

When clinicians are subpoenaed or involved in litigation, protecting patient confidentiality is critical, even when disclosure is legally requested. Patient records carry different degrees of privacy, and clinicians must understand what can and cannot be shared.

Degrees of privacy include:

• Standard clinical records (e.g., progress notes, treatment plans) are generally discoverable if subpoenaed, but only the minimum necessary should be disclosed.

• Psychotherapy notes, as defined by HIPAA, are held to a higher standard and are not automatically part of the legal medical record. These notes must be kept separate and require a court order (not just a subpoena) for disclosure.

• Substance use records (42 CFR Part 2) and information related to HIV status, reproductive health, or minors may have additional legal protections and state-specific disclosure restrictions.

Practical tips to protect client records:

• Never release records without client consent or verifying legal authority. If you receive a subpoena, consult legal counsel or your professional liability carrier before responding.

• Redact information that is not relevant to the legal matter. For example, if only treatment attendance is requested, avoid sharing full clinical notes.

• Document your actions carefully. Note any subpoenas received, legal consultations made, and exactly what was disclosed.

• Use an EHR that supports record segmentation (like separating psychotherapy notes) and tracks access for audit purposes.

Example:
A therapist receives a subpoena in a custody dispute requesting all client records. Because the client is not a party to the dispute, the therapist consults legal counsel, who helps limit disclosure to session attendance dates and general treatment goals—protecting sensitive clinical content from unnecessary exposure.

When (and what) should I communicate to other providers or families about a patient’s risk status?
Clinicians have both ethical and legal responsibilities when a client presents with suicidal ideation, self-harm, or danger to others. Sharing information must balance confidentiality with duty of care, and your actions should be based on the immediacy of risk, the client's age or capacity, and applicable laws.

Communicate risk when:

• The client is at imminent risk of harm to self or others

• The client is a minor and parental/guardian involvement is legally or clinically appropriate

• Another provider (e.g., primary care, psychiatrist) is involved in care and coordination is essential for safety

• You're making a referral to a higher level of care, such as inpatient treatment

What to communicate:

• The level and nature of risk (e.g., suicidal ideation with plan and intent)

• Steps already taken, such as safety planning or emergency referrals

• Recommendations for follow-up care

• Only the minimum necessary information to ensure continuity of care or safety

Examples:

• If a client expresses active suicidal intent and refuses voluntary hospitalization, you may be required to inform emergency services and, if relevant, family members involved in their care.

• If you're referring a client to a psychiatrist for medication, sharing your clinical impressions and any known safety concerns supports coordinated treatment, and helps prevent medication errors.

Tip: Always document the reason for the communication, what was shared, with whom, and whether the client consented or was informed (unless doing so would increase risk).