Federal Court Dismisses LabMD's Suit Against FTC

A federal court has dismissed Atlanta-based LabMD's suit alleging the FTC does not have the power to broadly regulate data security and the FTC failed to inform LabMD of how its data security measures fell short relative to a data breach at the company.

In August 2013, the FTC filed an administrative complaint against LabMD alleging the medical testing laboratory failed to adequately secure consumer information and exposed roughly 10,000 consumers' personal information including consumers' names, Social Security numbers, dates of birth, insurance provider information and standardized medical treatment codes.

In March, LabMD filed suit in Georgia federal court against the FTC alleging the FTC commenced an investigation of LabMD in January 2010 and filed its administrative complaint without ever informing LabMD of how its data security measures were inadequate. The lawsuit further alleged the FTC does not have the power to broadly regulate data security and that Congress delegated the authority to regulate protected health information to HHS.

The Georgia federal court dismissed LabMD's complaint May 12, stating that it lacks jurisdiction over the issues in the case because only final agency actions can be reviewed in federal court, and there is no final action for the court to review in this case.

The court dismissed the complaint because if LabMD is successful in the ongoing administrative hearing then LabMD's complaint against the FTC that was filed in federal court will be moot. In support of its decision, the court stated "judicial intervention into the agency process denies the agency an opportunity to correct its own mistakes and to apply its expertise." 

More Articles on Healthcare Lawsuits:

Court Dismisses Most of Class-Action Lawsuit From 2011 TRICARE Data Breach
FTC Responds to LabMD's Motion For Summary Determination
5 Recent FCA Employee Whistle-Blower Case Settlements