Privacy & Security

Health system cleared in data breach lawsuit

'We reject plaintiffs' arguments'
By Erin McCann
August 17, 2015
11:01 AM

An appellate court has cleared Advocate Medical Group of wrongdoing in a class action lawsuit alleging the organization failed to protect patient data following a massive HIPAA data breach.

The decision, filed August 6 by the Appellate Court of Illinois Second District, affirmed two previous court dismissals of the complaints, which were filed back in September and October 2013. The Chicago-based Advocate Health Care system was hit with a lawsuit led by former patients alleging that they faced "an increased risk of identity theft and/or identity fraud" after four unencrypted AHC laptops containing patient data were stolen from one of its medical facilities July 2013.

[See also: Advocate Health slapped with lawsuit after massive data breach.]

The laptops stole contained the Social Security numbers and protected health information, including medical diagnoses, of 4,029,530, making it the sixth largest HIPAA breach ever reported, according to data from the Department of Health and Human Services.

"We reject plaintiffs' arguments and note again that their allegations are merely speculative," wrote Illinois Appellate Judge Ann B. Jorgensen in the Aug. 6 decision. "The fact that two plaintiffs to date (out of those four million) have received notification of fraudulent activity, i.e., have suffered actual injury arising from Advocate's alleged wrongful acts, does not show that plaintiffs here face imminent, certainly impending, or a substantial risk of harm as a result of the burglary, where no such activity has occurred with respect to their personal data."

[See also: Healthcare's slack security costs $1.6B.]

The appellate panel affirmed two previous court dismissals of the case, both of which argued that there was no "present harm" or that "the harm that Plaintiffs fear is contingent on a chain of attenuated hypothetical events and actions by third parties."

Although considered a win for Advocate Health Care, the financial cost of litigation stemming from the 2013 breach is something to consider.

In fact, organizations can expect to hand over on average a whopping $6.5 million per data breach, according to a 2015 data breach report published by Ponemon Institute and IBM. And healthcare organizations will pay the highest price across 16 industries.

Topics: 
Privacy & Security, Compliance & Legal

More regional news

Clinician in scrubs at a hospital computer

CommonSpirit partners up with U of U for clinical collaboration

By
Andrea Fox
November 22, 2024
Stethoscope on an iPad

HIMSSCast: Care provider or tool? When and why patients like AI

By
Andrea Fox
November 22, 2024

EHR tips on migrating an all-digital hospital to Epic

By
Bill Siwicki
November 22, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story
EHR tips on migrating an all-digital hospital to Epic

Most Read

What Loper Bright and the end of Chevron deference mean for HHS
Particle Health files antitrust suit against Epic
Choosing a managed IT service for aged care
ASTP intros 2024 draft Federal FHIR Action Plan
CrowdStrike all but assures Capitol Hill: Never again
Korea's largest hospital bags APAC's first Stage 6 of new INFRAM

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

David Miles at Oklahoma Heart Hospital_Part 2_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
Switching from Cerner to Epic? Meet a CIO who made it out alive
David Miles at Oklahoma Heart Hospital_Part 1_Doctor holding health icon Photo by Tippapatt/iStock/Getty Images Plus
The CIO of an all-digital hospital walks readers through its successes
Dr Alice Sutedjo Lisa at SMC Telogorejo Hospital_HIMSS24 APAC
Assisting the elderly in digital care
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive

More Stories

Agency cybersecurity infosec illustrated by many colored streams harnessed by a lock
OIG again deems HHS' infosec program ineffective
Joanna Lucas, RN, of St. Luke's University Health Network
Case and referral management technology gets big results for St. Luke's
Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
Northwestern Medicine
Northwestern Medicine announces international healthcare collaboration
BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards