Several health systems have faced lawsuits regarding data breach incidents.
Here are four lawsuits involving five health systems as reported by Becker's since August.
- Salinas (Calif.) Valley Memorial Healthcare System agreed to pay $340,000 as part of a class-action settlement over claims its security system did not protect patients from a data breach. Salinas Valley Memorial did not admit to wrongdoing in the lawsuit.
- University of California San Francisco Medical Center and San Francisco-based Dignity Health, along with Facebook parent company Meta Platforms, were named in a lawsuit filed July 25 in the U.S. District Court for the Northern District of California. The plaintiff alleged that Meta Pixel, which harvests data for use in targeted advertisements, collected her sensitive medical information without her consent while she was in the patient portals of UCSF Medical Center and Dignity Health.
- Chicago-based Northwestern Memorial Hospital, Meta, Facebook and Instagram were named in a lawsuit filed Aug. 10 alleging that the health system allowed Facebook's tracking tool to unlawfully collect private medical information from the hospital's patient portal to use for its own profit.
- Patients are suing Morristown, Vt.-based Lamoille Health Partners over a June ransomware attack that affected almost 60,000 patients. The lawsuit alleges that the health center was negligent in protecting patients' health information stored on its systems, in violation of the HIPAA Security Rule. The lawsuit also alleges that Lamoille Health Partners failed to notify patients about the hack and what kind of information was breached.