Regarding the 4.5 million current and former patients whose health data breach occurred in May 2015, UCLA Health has reached a class-action lawsuit settlement. According to a news report, the settlement will provide $2 million for unreimbursed loss and preventive measures claims.
UCLA agreed to provide a cyber security enhancement fund with the remaining $5.5 million. The plaintiffs in this case are essentially patients whose personal information was exposed in a hack on the health system’s network.
Officials detected suspicious activity on the network in October 2014. However, at that time, it did not appear as if the hackers had gained access to systems containing personal and medical data. In May 2015, officials said the cyber attack was confirmed to have impacted those systems with patient information, including names, dates of birth, Social Security numbers, Medicaid or health plan identification numbers and some medical data.
Negligence on the Part of the Health System
In July 2015, those who suffered from the data breach filed a class-action lawsuit. The plaintiffs argued that UCLA Health was negligent in its security efforts to protect patient data, putting consumers at risk of identity theft. They also alleged that the health system did not report the data breach promptly.
Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), health providers are required to notify patients within 60 days upon the breach discovery. Further, they argued the health system should have foreseen the potential for a cyber attack given how common these types of data breaches have become among other health sector companies.
As a result of this settlement, UCLA Health agreed to a number of resolutions. First, all class members can sign up for complimentary identity protection services, providing coverage for two years. In addition, they agreed to reimburse patients for any money spent to protect themselves against identity theft or for losses suffered from fraud or identity theft.
Patients can get up to $5,000 for preventive costs and up to $20,000 in damages or losses. Most importantly, UCLA agreed to update its cyber security policies. If you have been affected and wish to claim, you must do so by May 20, 2019.
How Can You Protect Yourself?
Whether or not you have been a data breach victim, you should always do everything you can to keep your sensitive information secure. Here are a few tips:
- Create complex passwords. Use different passwords for each account and change them right away if a company you’ve recently done business with, gets hacked.
- Shop with a credit card. You may have less liability for fraudulent credit card charged. But you may not have the same kind of protection with a debit card.
- Look out for fraud. If you get a notice about a data breach, call the company to ensure it is legitimate.
- Set up account alerts, which provide you with notifications of suspicious purchases or account activity.
If you have been the victim of a data breach because of a corporation’s negligence, contact an experienced California class action lawyer to obtain more information about pursuing your legal rights.
Source: https://healthitsecurity.com/news/ucla-health-reaches-7.5m-settlement-over-2015-breach-of-4.5m
