Cybersecurity lawsuit against Allscripts tossed by judge

A federal judge tossed out a class-action lawsuit against EHR vendor Allscripts on June 4 over a ransomware attack that left several of its hospital clients unable to access their EHRs last year, Law360 reports.

The judge ruled that the lawsuit was directed toward the wrong entity, Allscripts Healthcare Solutions Inc., which serves as the parent company of Allscripts Healthcare Solutions LLC. According to the judge, Allscripts' LLC is responsible for the company's cybersecurity and privacy measures, not the parent company.

Surfside Non-Surgical Orthopedics in Boynton Beach, Fla., filed the class-action lawsuit against Allscripts in January 2018, shortly after the EHR vendor was hit with ransomware as part of the SamSam cyberattack earlier that month. The SamSam ransomware infiltrated Allscripts' data centers in Raleigh and Charlotte, N.C., which left almost 1,500 of its clients without access to their EHRs. Some customers regained EHR access hours after the attack, while others were still unable to access electronic patient data one-week post-attack.

The lawsuit sought class-action status for Allscripts customers that were affected by the EHR downtime after the attack. Additionally, the plaintiffs were also pursuing damages related to disruption of business and lost revenue.

Editor's note: Becker's Hospital Review reached out to Allscripts for comment and will update the report as more information becomes available.

More articles on EHRs:
16 hospitals, health systems seeking Allscripts, Cerner, Epic, Meditech talent
Cerner defends progress on EHR interoperability between VA, DOD
Williamson Memorial Hospital selects Meditech EHR: 3 notes

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Webinars

Featured Whitepapers