Several hospitals and health systems across the U.S. are facing lawsuits regarding data breach incidents that involved patients' protected health information.
Editors note: This article was updated on April 14 and will continue to be updated.
Here are lawsuits involving four health systems as reported by Becker's since March 28.
April 14:
- A lawsuit claims that Greensburg, Pa.-based Excela Health improperly disclosed patients' protected health information to Facebook and Google.
- A lawsuit alleges that Clearfield County, Pa.-based Mount Nittany Health used pixels on its website that sent some patients' protected health information to Facebook and Google.
- A lawsuit filed April 3 alleges that Dallas-based Steward Health Care System's website used a Meta pixel tracking tool that sent some patient information to Meta and Google.
- An anonymous patient from Orlando Health filed a lawsuit March 16 alleging that the health system's website used pixel tracking technology that sent some patient information to Facebook.
March 21:
- Mena (Ark.) Regional Health System and Nashville, Ark.-based Howard Memorial Hospital are being sued for data breaches that affected 84,814 people in late 2021 and 53,668 patients in late 2022.
- San Bernardino, Calif.-based Regal Medical Group is facing 11 lawsuits for a December ransomware attack that compromised the protected health information of 3.3 million patients.
- A Lehigh Valley Health Network patient whose nude photos were posted to the dark web by a Russian ransomware gang sued the Allentown, Pa.-based health system.
- A lawsuit alleges that Lubbock (Texas) Heart & Surgical Hospital had inadequate cybersecurity practices in place when a July data breach compromised the protected health information of 23,379 current and former patients.
- Freehold, N.J.-based CentraState Medical Center has been hit with five more class-action lawsuits over a December cyberattack that affected nearly 618,000 patients, bringing the total to six.