Lawsuit alleges health system maintained PHI 'in a reckless manner' ahead of breach

Atlanta-based pediatric health system Aveanna Healthcare is facing a lawsuit related to a 2019 data breach that affected 166,000-plus patients, according to Gov Info Security.

The health system found multiple employee email accounts had unauthorized activity between July 9 and Aug. 24, 2019. The breach affected more than 166,000 individuals and included Social Security numbers and birth dates, as well as bank account information and credit card details, in addition to other personal information.

Aveanna issued a notification statement of the breach Feb. 18, 2020. The parent of a patient filed a class-action lawsuit against the system May 28. The lawsuit alleges the health system didn't provide "adequate notice" to the affected individuals and that the system maintained protected health information "in a reckless manner."

The complaint also includes allegations that the system's employees didn't properly monitor the computer network with breached data. Plaintiffs are seeking nominal and compensatory damages as well as reimbursement for out-of-pocket costs and identity theft protection cost coverage.

More articles on cybersecurity:
Kaiser terminates employee that inappropriately accessed 2,756 patients' records over 8 years
Saint Joseph Health, 6 more Indiana providers report improper disposal of patient records
Ransomware attack affects 13,146 patients' info at Alaska surgical practice: 4 details

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Featured Content

Featured Webinars

Featured Whitepapers