UnityPoint Health hit with class-action lawsuit over data breach

Listen
Text
  • Small
  • Medium
  • Large

A class-action lawsuit was filed May 4 against West Des Moines, Iowa-based UnityPoint Health over a data breach that affected 16,429 patients, reports the Wisconsin State Journal.

On Feb. 15, UnityPoint Health discovered employees fell victim to an email phishing attack, which compromised patients' protected health information. Affected patients were notified of the breach April 16.

The lawsuit accuses UnityPoint Health of misleading patients about the stolen information and waiting more than two months to report the data breach to the public and state regulators.

UnityPoint Health "misrepresented the nature, breadth, scope, harm, and cost of the privacy breach" when it claimed "the [stolen] information did not include your Social Privacy number" and that it had "no information to date indicating that your protected health information involved in this incident was or will be used for any unintended purposes," the lawsuit reads, according to the State Journal.

The lawsuit, which was filed in U.S. District Court in Madison (Wis.), seeks compensatory and punitive damages as well as restitution to patients.

UnityPoint Health declined to comment on the pending lawsuit, according to the State Journal.

Copyright © 2021 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars