Good Samaritan Hospital Settles Class Action Data Breach Lawsuit
Good Samaritan Hospital in San Jose, CA, has agreed to settle a class action lawsuit that was filed in response to a data breach that exposed the protected health information of up to 233,835 individuals. According to the hospital, unauthorized individuals gained access to an employee email account between October 28 and November 8, 2019, which contained sensitive patient data such as names, birth dates, Social Security numbers, driver’s license numbers, passport numbers, tax identification numbers, financial account numbers, treatment/diagnosis information, health insurance information, billing information, doctors’ names, medical record numbers, medical histories, prescription information, Medicare/Medicaid IDs and patient account numbers.
A lawsuit – Young, et al. v. Good Samaritan Hospital – was filed in the California Superior Court for Los Angeles County against the hospital on behalf of individuals impacted by the data breach. The lawsuit claims the hospital acted unlawfully by failing to prevent the data breach and alleged negligence, violations of the California Confidentiality of Medical Information Act (CMIA), and unlawful/unfair business practices, in violation of California Business and Professions Code.
Good Samaritan Hospital denied all of the allegations, maintains there was no wrongdoing, and claims it was fully compliant with all federal and state laws; however, the decision was taken to settle the lawsuit to avoid further legal costs and the uncertainty of trial. The proposed settlement has been agreed upon by all parties but has yet to receive final approval from a judge. The final approval hearing has been scheduled for Sept. 5, 2023.
The total settlement fund has not been disclosed; however, all class members are entitled to claim up to $1,500 as reimbursement for ordinary expenses, which are documented expenses that were incurred as a result of the data breach. Ordinary expenses include credit monitoring costs, phone calls, interest on loans, communication charges, card re-issuance fees, and unreimbursed bank fees. Individuals that have suffered identity theft, medical fraud, tax fraud, other forms of fraud, and other actual misuses of their personal information, can submit claims for documented, unreimbursed extraordinary losses that are reasonably traceable to the data breach of up to a maximum of $5,000. Under the terms of the settlement, Good Samaritan Hospital has also agreed to spend more than $459,900 on upgrades to improve data security.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The deadline for exclusion from and objection to the settlement is July 18, 2023, and all claims must be submitted by July 18, 2023. The class members were represented by Joshua B Swigart of Swigart Law Group AFC and Gayle M Blatt of Casey Gerry Schenk Francavilla Blatt & Penfield LLP.
