SACRAMENTO, CA – The theft of a computer during a break-in in October has spurred a $1B class action lawsuit against Sutter Health, according to a report published today by the Sacramento Bee. The computer contained data on more than 4 million patients.
There is little detail regarding the specific cause of action that triggered the suit, but anyone that has been following this space can't be surprised. Despite the fact the both HIPAA and HITECH do not give plaintiffs a private cause of action (although under HITECH State AGs can bring suit on their behalf), clever attorneys will find causes of action in state law, that at minimum, give them a fighting change to survive a motion to dismiss. If they survive this motion then its "game on" with respect to the pressure on Sutter from legal fees and from dragging this through the courts, potentially for years.
As we have often stated, breach
notification is the 800 pound gorilla
of the HITECH Act.
These kinds of suits will continue to be a wake-up call to the healthcare industry. As we have often stated, breach notification is the 800 pound gorilla of the HITECH Act.
Looking for best of breed HIPAA Training?
To stay current on the HITECH Act and its quickly changing regulatory scheme visit the HITECH Survival Guide website and/or sign up for our free monthly compliance newsletter. Also, check out our FREE EHR Checklist.
If you need tools that will help with your compliance initiatives then check out the HSG Store. Are you for an Internet Lawyer with HITECH /HIPAA experience?
Comments