August 17, 2022

Volume XII, Number 229

Advertisement
Advertisement

August 16, 2022

Subscribe to Latest Legal News and Analysis

August 15, 2022

Subscribe to Latest Legal News and Analysis

San Diego Family Care Settles Data Breach Class Action for $1 Million

Recently, San Diego Family Care (SDFC) settled a class action related to a 2020 data breach for $1 million. The class includes all SDFC patients (or their parents/guardians) who received a breach notification in May 2021.

SDFC offers patients primary care services as well as dental and mental health care, has eight health centers in San Diego and examines thousands of patients. In December 2020, SDFC was the victim of a data breach, leading to the unauthorized disclosure of names, dates of birth, Social Security numbers, account numbers, treatment information, insurance data, and other sensitive patient data. The breach occurred as a result of SDFC’s technology-hosting provider’s lax security safeguards. The provider was the victim of a breach, which led to the attack on SDFC. SDFC stated in the notification letter that it learned of the breach in January 2021.

The complaints in the consolidated class actions allege that SDFC failed to protect patients’ information during the 2020 data breach, and that SDFC did not promptly notify patients upon learning of the breach so they could take steps to protect themselves from identity theft or other harm.

Eligible class members may receive cash payments up to $100 and may also submit documentation for reimbursement for ordinary out-of-pocket expenses of up to $1,000 and up to $5,000 for extraordinary out-of-pocket expenses. Each class member may also redeem identity theft protection services within 90 days of receiving a code for such services. The court is scheduled to issue its final approval of the settlement on July 29, 2022, and class members have until July 15, 2022, to submit a claim for reimbursement.

Copyright © 2022 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XII, Number 167
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Kathryn Rattigan Attorney Cybersecurity Data Privacy
Associate

Kathryn Rattigan is a member of the firm's Business Litigation Group and Data Privacy + Cybersecurity Team. She advises clients on data privacy and security, cybersecurity, and compliance with related state and federal laws. Kathryn also provides legal advice regarding the use of unmanned aerial systems (UAS, or drones) and Federal Aviation Administration (FAA) regulations. She represents clients across all industries, such as insurance, health care, education, energy, and construction.

Data Privacy and Cybersecurity Compliance

Kathryn helps clients comply...

401-709-3357
Advertisement
Advertisement
Advertisement