September 22, 2021

Volume XI, Number 265

Advertisement

September 21, 2021

Subscribe to Latest Legal News and Analysis

September 20, 2021

Subscribe to Latest Legal News and Analysis
Advertisement

HIPAA Breach Results in a $4,500,000 Class Action Settlement

Community Health System, one of the largest health systems in the United States, has agreed to pay $4,500,000 to settle claims made against it arising from a 2014 data breach. The data breach, believed to be caused by malware installed by Chinese hackers on CHS’s computer system, exposed the names, dates of birth, addresses, telephone numbers, and Social Security numbers of approximately 4.5 million patients.

Following the breach, numerous lawsuits were filed by patients seeking compensation for the theft of their personal information. The lawsuits were consolidated into a single lawsuit. The settlement,  which still must be approved by the Judge overseeing the case, provides for two different payments to patients affected by the breach. Individuals who can prove they incurred out-of-pocket expenses as a result of the breach and/or can show evidence in time lost securing their accounts, can claim up to $250. Individuals who have suffered identity theft or fraud can recover up to $5,000.

Putting It Into Practice:  This case is a reminder for entities to review their data protection mechanisms. Class action lawsuits by individuals affected by breaches are becoming more common, and could significantly increase the financial penalties and exposure applicable to companies that store patient information.

Copyright © 2021, Sheppard Mullin Richter & Hampton LLP.National Law Review, Volume IX, Number 51
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Matthew Shatzkes Attorney New York Sheppard Mullin
Partner

Matthew Shatzkes is a partner in the Corporate Practice Group in the New York office of Sheppard Mullin and is a member of the firm’s healthcare practice team.

Areas of Practice

Matthew provides strategic, regulatory, compliance, and transactional advice to all manner of health care clients, including health systems, hospitals, academic medical centers, long-term care providers, ambulatory surgery centers, diagnostic and treatment centers, physician practices, digital health companies and investors....

212-634-3062
Advertisement
Advertisement
Advertisement