Establishing Digital Trust: Don't Sacrifice Security for Convenience
Courthouse News Service reports that Kaiser Permanente is facing a class action lawsuit filed by Kaiser patient Ginger Buck over a November 2013 breach in which a flash drive containing 49,000 patients' medical records was stolen from Kaiser's Anaheim Medical Center in Orange County, Calif. (h/t HealthITSecurity).
According to the complaint [PDF], "On or around Dec. 2013, the private medical information of all patients - including plaintiff and the class - who had treated at Kaiser Permanente had been stolen."
Kaiser has acknowledged the breach, and says the stolen drive contained patients' names, medical record numbers and birthdates.
"Defendant Kaiser Permanente International is ranked as one of the nation's biggest HMOs," the complaint states. "Thus, it should be no surprise that when patients are treated at Kaiser's facilities, they expect that their private medical information will be kept confidential and will not be disclosed to anyone without their authorization. Indeed, California law requires that medical providers maintain their patients' medical information confidential and prohibits the disclosure of such information without the patient's written authorization."https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
The lawsuit seeks $1,000 per class member, along with penalties, damages, interest and attorney's fees.