A federal judge has allowed parts of a proposed class-action lawsuit against an EHR vendor involving a 2023 ransomware attack to proceed.
NextGen Healthcare was sued following a March 2023 hack in which the data of more than 1 million patients was breached. Two months earlier, the EHR company reportedly fell victim to a ransomware attack that the plaintiffs allege could have paved the way for the March breach, which ensnared Chicago-based Lurie Children's.
Judge Thomas Thrash Jr. of U.S. District Court for the Northern District of Georgia dismissed several claims July 25 that had been challenged by NextGen Healthcare but allowed the plaintiffs to continue seeking a complaint that the company failed to protect their personal information. The development was first reported July 30 by BankInfoSecurity.
Becker's reached out to NextGen Healthcare for comment.