The West Virginia Supreme Court has held data breach victims whose information was posted to a publicly accessible website have standing to sue the clinic who experienced the data breach even though no one had suffered any quantifiable economic loss as a result of the breach, according to a National Law Review report.
The West Virginia Supreme Court's holding is in direct conflict with many other state and federal courts, including a holding in April by the United States District Court for the
The 2011 breach occurred when backup tapes from an electronic health record used by TRICARE were stolen from an SAIC employee's vehicle. .The D.C. federal judge dismissed 31 of the 33 plaintiffs named in the lawsuit by stating they had not suffered an "actual injury" that was quantifiable. The court held an increased risk of identity theft due to a data breach is irrelevant, and the plaintiffs must show "harm is certainly impending."
The federal court's holding is the standard, as the most frequently relied upon defense against suits for damages for release of personal information is the plaintiff's lack of standing because the plaintiff's harm is conjectural or speculative, according to the National Law Review.
The
In states with similar privacy laws as
More Articles on Class-Action Lawsuits:
15 Recent Healthcare Lawsuits, Settlements
Class-Action Lawsuit Filed Against UnitedHealthcare For Alleged Mental Health Law Violation
Class-Action Suit Filed Against Health Care Service Corporation Over Misused Profits