Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve Alder is considered an authority in the healthcare industry on HIPAA. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. She also claims she has experienced anxiety, sleep disruption, stress, fear, and frustration due to the data breach.Īuthor: Steve Alder is the editor-in-chief of HIPAA Journal.
The plaintiff claims to have had an increase in spam texts and phone calls following the data breach and has and will continue to spend considerable time and effort monitoring her accounts to protect against identity theft. The delay in detection and notification meant the plaintiff and class members were unaware that their sensitive data had been stolen and that they needed to take action to protect against identity theft and fraud.
The lawsuit also takes issue with the time it took the defendants to detect and report the breach.
The 4-count lawsuit makes similar claims and alleges violations of the HIPAA Security Rule. was filed on behalf of Harvard Pilgrim Health Care plan member, Tracie Wilson. The lawsuit alleges negligence, breach of implied contract, breach of fiduciary duty, and unjust enrichment.Īnother lawsuit – Tracie Wilson v. The lawsuit alleges the plaintiff and class members have been placed at imminent risk of harm and face an ongoing risk of identity theft and fraud. The 4-count lawsuit alleges the defendants “intentionally, willfully, recklessly, or negligently” maintained the sensitive data of customers and, as a result of the grossly negligent actions of the defendants, hackers were able to gain access to and steal the sensitive data of plan members. et al – was filed on behalf of Harvard Pilgrim Health Care member, Valeria Salerno Gonzales. District Court for the District of Massachusetts in response to the attack that claim the Massachusetts health insurer failed to implement reasonable cybersecurity measures to ensure the confidentiality of members’ information. One of the lawsuits – Salerno Gonzalez v. Credit monitoring and identity theft protection services have been offered to affected individuals at no cost for 2 years. Progress has been made in recovering from the attack over the past 7 weeks however, the IT systems that support the Harvard Pilgrim Health Care commercial and Medicare Advantage Stride health plans have yet to be brought back online and Point32Health expects the recovery process to take a few more weeks.Īt least 4 lawsuits have now been filed in the U.S. The forensic investigation confirmed the affected systems contained PHI such as names, addresses, phone numbers, birthdates, health insurance account information, Social Security numbers, provider taxpayer ID numbers, and clinical information and that information was in the files exfiltrated from its systems. The attack was detected when ransomware was used to encrypt and prevent access to files. According to Point32Health, hackers gained access to Harvard Pilgrim’s systems on March 28, 2023, and maintained access to those systems until April 17, 2023, when the intrusion was detected and blocked. Point32Health was formed following the merger of Harvard Pilgrim Health Care and Tufts Health Plan in 2021. Point32Health is the second largest insurer in Massachusetts and serves more than 2.4 million customers. Harvard Pilgrim Health Care and its parent company, Point32Health, are facing multiple class action lawsuits after hackers gained access to the protected health information (PHI) of more than 2.5 million individuals in an April 2023 ransomware attack. Ransomware Attack Triggers Multiple Lawsuits Against Harvard Pilgrim Healthcare & Point32Health
0 kommentar(er)
