In medical software litigation, one of the most overlooked—but increasingly exploited—liability theories is configuration error. Plaintiffs often try to label these errors as design flaws or systemic negligence. However, configuration errors are often mistakes made during implementation, not flaws in the underlying software. For defense counsel, this distinction is powerful—and presents a strategic advantage.
What Is a Configuration Error?
A configuration error occurs when normally functional software is installed improperly. Examples in healthcare settings include:
- Incorrect dosage parameters programmed into infusion pumps
- Misconfigured alert thresholds in clinical decision support systems
- EHR settings that suppress or misroute lab results
- Incomplete or improper integration with hospital information systems
These issues are rarely the result of flawed code. Instead, they stem from decisions made post-sale or during implementation, often by third parties, hospital IT teams, or clinical staff.
Reported Cases Involving Allegations of Configuration Error
Reported cases extend well beyond healthcare and include software such as:
In Phila. Indem. Ins. Co. v. Bellin Mem’l Hosp., 126 F.4th 532 (7th Cir., 2025), the Plaintiff hired a software consulting company (Kinsey) to implement a new human resources and business management software platform. The court found that Kinsey’s failure to implement the specified software system constituted a breach of contract. The court emphasized that Kinsey’s liability stemmed from its failure to fulfill its contractual obligation to implement the correct software.
In RRX Indus. v. Lab-Con, Inc., 772 F.2d 543 (9th Circ. 1985) the Court considered a breach of contract claim involving a software system for medical laboratories. The plaintiff alleged that the defendant failed to correct programming errors and provide adequate training, despite contractual obligations.
In Evolution, Inc. v. Suntrust Bank, 342 F. Supp. 2d 943 (D. Kan. 2004), the court addressed software configuration issues where the buyers encountered significant problems with the developer’s software. The buyers developed temporary “workarounds” to address these issues but ultimately changed vendors. The court found that the buyers’ use of the source code to extract data fell within the fair use doctrine and that the modifications made were within the scope of the software license.
In Meghji v. Into The Block Corp. (In re Celsius Network LLC), 668 B.R. 722 (Bankr.S.D.N.Y. 2025), the court considered allegations of gross negligence related to the design of financial trading software. The court noted that a software designer has a duty of care to clients, particularly when the software is critical to managing financial risks. The absence of essential risk management features could constitute negligence or gross negligence if it reflects reckless disregard for risks. The court declined to dismiss the claim at the pleading stage, as the adequacy of the software’s risk management capabilities was a key issue.
In Motorola Mobility, Inc. v. Myriad France SAS, 890 F. Supp. 2d 1037 (N.D. Ill. 2012), the court denied the defendants’ motion to dismiss claims related to software warranties. The plaintiff alleged that the software failed to comply with applicable specifications. The court concluded that the warranty provisions, which specifically addressed software functioning, took precedence over more general contractual provisions. The defendants argued that the warranty provisions did not cover the software at issue due to outdated specifications, but the court allowed the claims to proceed.
The Plaintiff’s Argument
Configuration errors often serve as more convincing arguments for plaintiffs than actual product defects. The notion that human error caused the injury is more acceptable to juries and less likely to be challenged by experts. However, Plaintiffs frequently rely on traditional product liability theories such as:
- Design defects (e.g., “The software shouldn’t have allowed this setting.”)
- Failure to warn (e.g., “The risks of misconfiguration weren’t adequately disclosed.”)
- Negligent implementation support (e.g., “The vendor didn’t provide enough training or guidance.”)
The challenge is reframing these claims as misuse or alteration of the product, not inherent defects in its design or function.
Actionable Defense Strategies
Draw the Line Between Software and Implementation
- Key Message: “Our client developed a functioning tool. It was misused downstream.”
- Use documentation, product guides, and contractual language to show that configuration responsibilities were allocated to the healthcare provider or third-party integrator.
- Identify whether hospital IT modified settings outside of default safe parameters.
Use the “Learned Intermediary” Doctrine Creatively
- Argue that trained medical professionals—not software developers—had the ultimate responsibility to configure and validate system settings for clinical use.
- Highlight clinician overrides, user customization features, and decision-making autonomy.
Leverage User Agreements and Training Records
- Show that the software came with:
- Adequate training resources
- Configuration documentation
- Disclaimers regarding user-controlled settings
- Demonstrate that the client offered (but was not contractually obligated to provide) configuration support.
Dissect the Implementation Chain
- Identify each actor involved in deployment:
- Hospital CIO or IT contractor?
- Clinical applications team?
- Third-party integrator?
- Shift focus to those who made critical post-sale decisions about how the software was installed, configured, or integrated.
Use Expert Testimony to Isolate the Error
- Retain technical experts who can:
- Reconstruct the software’s deployment and configuration history
- Show that the failure would not have occurred under default or recommended settings
- Demonstrate standard practices for software implementation that were not followed
Offensive Use of Configuration as a Defense
Don’t just defend—go on offense:
- Comparative fault: Apportion liability to the hospital or system integrator for misconfiguration.
- Preemption defense (if FDA-cleared): If the software was cleared with certain default safety thresholds, argue that the plaintiff’s configuration claims conflict with federal standards.
- Contractual indemnity: Assert indemnification or limitation-of-liability clauses in deployment or license agreements.
Conclusion
Configuration errors are not software defects. They are the digital equivalent of putting the wrong medication in the right bottle. The challenge for defendants is to make that distinction clear—and to demonstrate that when software is used as intended and configured properly, it functions correctly.
Jim Pattillo is a member of Christian Small, LLP’s Product Liability Practice Group. He is leading litigation counsel for insurance, product, and commercial clients and is based in the firm’s Birmingham, Alabama office. Mr. Pattillo represents numerous commercial and personal insurers in matters involving bad faith, extra-contractual exposure, coverage litigation, and a variety of declaratory judgment actions. He also works closely with large SIU investigations on fraud-related matters. Mr. Pattillo focuses exclusively on litigation and trial work. He has a twenty-year trial record in the courtroom that is extensive and successful, including numerous seven and eight-figure exposures with results routinely exceeding client expectations.
About Christian & Small
Christian & Small LLP represents a diverse clientele throughout Alabama, the Southeast, and the nation with clients ranging from individuals and closely held businesses to Fortune 500 corporations. By matching highly experienced lawyers with specific client needs, Christian & Small develops innovative, effective, and efficient solutions for clients. With offices in Birmingham, metro-Jackson, Mississippi, and the Alabama Gulf Coast, Christian & Small focuses on the areas of litigation and business, is a member of the International Society of Primerus Law Firms, and is a Mansfield Rule™ Certified Plus Law Firm. Our corporate social responsibility program is focused on education, and diversity is one of Christian & Small’s core values.
No representation is made that the quality of legal services to be performed is greater than the quality of legal services performed by other lawyers.