Florida health system hit with proposed class-action lawsuit over data breach
A Florida resident has brought a lawsuit against UF Health Central Florida following a details breach likely exposed the data of a lot more than seven-hundred,000 persons.
In accordance to the criticism, which was taken out to the U.S. District Court docket for the Center District of Florida this earlier Thursday, Chrystal Holmes is accusing the technique of failing to effectively secure and safeguard personally identifiable data.
“Despite the prevalence of public announcements of details breach and details protection compromises, UFHCF failed to consider appropriate methods to guard the PII and PHI of [the] plaintiff and the proposed course from currently being compromised,” go through courtroom paperwork.
Attempts to access UFHCF for remark were not effective.
WHY IT Issues
As noted to the U.S. Section of Health and Human Services’ Office of Civil Rights, UFHCF skilled a hacking incident previously this calendar year main to the probable exposure of seven-hundred,981 individuals’ details.
Concerning May perhaps 29 and May perhaps 31, negative actors gained unauthorized access to UFHCF’s computer system network.
In the course of that period, reported a notice posted to the UFHCF web-site at the end of July, affected individual data – including names, addresses, dates of start, Social Stability figures, well being insurance policy data, healthcare file figures and affected individual account figures, as very well as confined treatment data used for UF Health’s organization operations – may perhaps have been available.
“Right up until notified of the breach,” Holmes and the other influenced persons in the proposed course “had no idea their PII and PHI had been compromised, and that they were, and keep on to be, at significant risk of id theft and different other types of particular, social and monetary hurt,” go through the criticism.
“The risk will continue being for their respective lifetimes,” it ongoing.
In accordance to courtroom paperwork, the actuality that the incident took area implies that UFHCF had not adhered to arduous protection protocols, including these proposed by the U.S. authorities.
“The prevalence of the cybersecurity function indicates that defendants failed to sufficiently put into practice … steps to avert ransomware attacks,” reported the criticism.
Holmes, via her lawyers, argues that the data compromised in the cybersecurity function is “drastically a lot more beneficial” than credit history card data.
As a substitute, particular data these kinds of as name, handle, date of start and Social Stability range “is unattainable to ‘close’ and difficult, if not unattainable, to adjust,” go through courtroom paperwork.
Holmes is accusing UFHCF of carelessness, breach of contract and breach of fiduciary obligation.
“Plaintiff and course members have a continuing interest in guaranteeing that their data is and stays safe and sound, and they should be entitled to injunctive and other equitable relief,” argued the criticism.
THE Greater Development
Numerous of the key cybersecurity incidents more than the earlier calendar year have been adopted by lawsuits accusing health care businesses of failing to sufficiently guard affected individual data.
Earlier this calendar year, Scripps Health in San Diego faced several issues following a ransomware incident led to a significant network shutdown.
And in September, a most cancers affected individual sued UC San Diego Health more than a protection breach that likely exposed the non-public data of 495,949 patients.
ON THE Report
“The ramifications of UFHCF’s failure to continue to keep secure UFHCF’s latest and previous patients’ PII and PHI are very long long lasting and extreme,” reported the criticism. “The moment PII and PHI is stolen, specially Social Stability figures, fraudulent use of that data and destruction to victims may perhaps keep on for yrs.”
Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Electronic mail: [email protected]
Healthcare IT News is a HIMSS Media publication.
