LAWSUITS NEWS & LEGAL INFORMATION
St. Joseph's Health System Facing Patient Data Breach Class Action
Santa Rosa, CA: A
privacy
class action lawsuit has been filed against St. Joseph Health System, which operates Santa Rosa Memorial, Petaluma Valley and Queen of the Valley hospitals, for allowing private patient data to be searchable online for 31,800 patients across the system' California hospitals, including about 10,000 patients locally.
The suit, filed by two patients on April 2 in Sonoma County, claims the health system was "negligent"and that it "unlawfully failed to maintain and preserve the confidentiality"of patients' information.
The lawsuit was filed by Deanna DeBaeke and Loba Moon, who say they were both patients in Sonoma County. According to the suit, Ms. DeBaeke was a patient at Santa Rosa Memorial in April 2011. Earlier this year, she ran a search of her name on Google from her cell phone. Among the results she claims she found were three reports from the health system related to her treatment, including her patient account number and admission or readmission dates, among other information.
Ms. Moon alleges she was a patient at Memorial in 2011. She received notification from the health system and found that her information was searchable online for as long as seven months, according the the court complaint.
The remainder of affected patients were in Southern California hospitals operated by the health system, specifically Mission Hospital and St. Jude Medical Center, both in Orange County.
At the time of the breach, the health system said the information that was searchable did not include full medical records and that social security numbers, patient addresses and financial data were not disclosed.
However, the plaintiffs allege that what was visible by search included patient data including patient names, body mass index, smoking status, blood pressure, lab results, diagnoses, allergies, demographic info including spoken language, ethnicity, race, gender, birth date and advance directive, which tells health care providers patient wishes for treatment and decision-making.
The lawsuit alleges that personal and medical information was in unencrypted electronic reports that were saved in a health system internal database between February and August 2011. "The electronic reports were not encrypted, were not password protected and did not contain or use any other form of electronic protection,"the lawsuit claims.
The suit is seeking $1,000 per patient, which would total $31.8 million for all the California patients involved, according to the complaint.
Published on Apr-9-12
The suit, filed by two patients on April 2 in Sonoma County, claims the health system was "negligent"and that it "unlawfully failed to maintain and preserve the confidentiality"of patients' information.
The lawsuit was filed by Deanna DeBaeke and Loba Moon, who say they were both patients in Sonoma County. According to the suit, Ms. DeBaeke was a patient at Santa Rosa Memorial in April 2011. Earlier this year, she ran a search of her name on Google from her cell phone. Among the results she claims she found were three reports from the health system related to her treatment, including her patient account number and admission or readmission dates, among other information.
Ms. Moon alleges she was a patient at Memorial in 2011. She received notification from the health system and found that her information was searchable online for as long as seven months, according the the court complaint.
The remainder of affected patients were in Southern California hospitals operated by the health system, specifically Mission Hospital and St. Jude Medical Center, both in Orange County.
At the time of the breach, the health system said the information that was searchable did not include full medical records and that social security numbers, patient addresses and financial data were not disclosed.
However, the plaintiffs allege that what was visible by search included patient data including patient names, body mass index, smoking status, blood pressure, lab results, diagnoses, allergies, demographic info including spoken language, ethnicity, race, gender, birth date and advance directive, which tells health care providers patient wishes for treatment and decision-making.
The lawsuit alleges that personal and medical information was in unencrypted electronic reports that were saved in a health system internal database between February and August 2011. "The electronic reports were not encrypted, were not password protected and did not contain or use any other form of electronic protection,"the lawsuit claims.
The suit is seeking $1,000 per patient, which would total $31.8 million for all the California patients involved, according to the complaint.
St. Joseph's Patient Data Breach Class Action Legal Help
If you or a loved one has suffered damages in this case, please click the link below and your complaint will be sent to a lawyer who may evaluate your claim at no cost or obligation.Published on Apr-9-12
READ MORE Data Breach Settlements and Legal News
READ MORE Internet/Technology Settlements and Legal News
READ MORE Internet/Technology Settlements and Legal News
READER COMMENTS
Lela Moore
on