The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Katherine Shaw Bethea Hospital Proposes $380K Settlement to Resolve Data Breach Lawsuit

Posted By on Jan 30, 2023

Katherine Shaw Bethea (KSB) Hospital in Dixon, IL, has proposed a $380,000 settlement to resolve claims related to a September 2021 data breach at a business associate of the hospital. KSB Hospital used the Scottsbluff, NE-based healthcare accounts receivables service provider, Magnet Solutions, for billing-related services. Between September 17 and September 20, 2021, Magnet Solutions processed and mailed billing statements to KSB patients; however, a software error caused statements to be mailed to incorrect individuals. The statements included names, encounter numbers, names of treating physicians, dates of service, and locations of service. According to the breach notice submitted to the HHS’ Office for Civil Rights, the breach affected 1,553 individuals, who were notified about the breach by Magnet Solutions in November 2021. Complimentary credit monitoring and identity theft protection services were offered to affected individuals.

A lawsuit – John Doe, et al. v. Katherine Shaw Bethea Hospital, et al – was filed in response to the breach. The plaintiff alleged that his billing statements had been impermissibly disclosed to other patients via mail and online portals and those statements contained information about medical treatments at KSB Hospital that were very sensitive in nature. The lawsuit alleged a breach of fiduciary duty and violations of Illinois statutes and federal law.

KSB Hospital and KSB Medical Group, which operates the hospital, admitted no wrongdoing but chose to settle the lawsuit. The class consists of all individuals who received a notification about the data breach from Magnet Solutions on behalf of KSB Medical Group informing them that their information had been impermissibly disclosed in September 2021. Under the terms of the proposed settlement, class members are entitled to submit claims for a cash payment of up to $250. If claims are submitted totaling more than the settlement amount, they will be paid pro rata.

Class members wishing to object to or exclude themselves from the settlement have until February 8, 2023, to do so. Claims for the cash payment must be submitted no later than March 22, 2023. The final approval hearing has been scheduled for March 28, 2023.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist