Contents
UC San Diego Health Reveals Health Data Controversy
The data breach affected 495,949 patients. The lawsuit alleges negligence, breach of contract, and violation of California’s consumer privacy and medical confidentiality laws.
The lawsuit alleges that UC San Diego Health’s business client Solv Health added the code to the health system’s websites without permission. The statistical code collects first and last names, dates of birth, email addresses, IP addresses, third-party cookies, insurance types, and reasons for appointments.
UC San Diego Health Reveals Advances in Health Information
Health care giant HCA Healthcare reported in March that the personal information of 11 million patients at hospitals in 20 states may have been stolen for sale online through the Internet. For example, information such as addresses, phone numbers, e-mail addresses and dates of birth are posted on websites frequented by hackers in an attempt to sell them. The data breach was larger than HCA had previously disclosed, although the samples did not include Social Security numbers, credit card information or medical records such as diagnoses.
UC San Diego Health disclosed a similar data breach in April due to a cybersecurity incident with its vendor, Solv Health. Solv installed analytics tools on UCSD’s patient-facing websites without the health system’s consent, which allowed unauthorized disclosure of personal and medical information. Data collected includes first and last names, date of birth, gender, email address, IP addresses, third party cookies and protected health information. UCSD worked with Solv to identify the affected individuals and notified the Federal Bureau of Investigation.
UC San Diego Health Offers Acceptance Notification Letters
On April 8, UC San Diego Health disclosed that hackers gained unauthorized access to some of its employees’ email accounts in an attack that could have exposed medical and personal information. It did not say how many people were affected by the hack at the time, and is continuing to investigate with the FBI and cybersecurity experts to determine what information was obtained and by whom.
In addition, the UC San Diego Medical Center said it found no evidence that the hackers used the data they obtained for malicious purposes. It did not say what type of information was obtained, but according to reports submitted to the Department of Health and Human Rights Services by Solv Health, the information may include full names, dates of birth, addresses, telephone numbers , fax. numbers, IP address, third party cookies and protected health information.
In the meantime, UC San Diego Health is working to notify affected individuals and arrange for those affected to receive one year of free credit monitoring and identity theft protection services through IDX, the provider of the solution. solve the problem. She also said that she has improved security measures since the incident.
UC San Diego Health Investigates Claims
In her lawsuit, Menezes argued that UC San Diego Health “failed to implement reasonable security procedures and practices, failed to provide its employees with basic cyber training designed to prevent attacks.” phishing, and failed to disclose the facts surrounding the lack of data security regulations.” She also claimed that the health system took too long to notify victims.
UC San Diego Health has begun notifying individuals whose information was exposed in the email breach on a rolling basis where contact information is available. The company is reviewing the files to determine the identity of the information disclosed to unauthorized parties.
HIPAA’s Breach Notification Rules require healthcare organizations to report a breach within 60 days of discovery. However, UC San Diego Health may delay notifying affected patients to allow time for a full review of compromised data. This delay may be in violation of the HIPAA Disclosure Act and may expose victims to additional harm, including increased risk of identity theft and fraud.
Levin Papantonio Law Firm Investigates Claims
When a company suffers a data breach, the law firm of Levin Papantonio investigates possible claims. In many cases, class action lawsuits can be filed on behalf of consumers who have been harmed by the infringement. These damages can include emotional distress, financial loss, additional costs, and other financial losses.
According to UCSD Health, Solv has been using analytics tools without the company’s consent and these tracking technologies have disclosed data to unauthorized parties. This includes first and last name, date of birth, email address, IP address, third party cookies, and protected health information. However, Social Security numbers, medical record numbers, and debit and credit card information are not disclosed.
Levin Papantonio has successfully litigated thousands of consumer cases related to data breaches. She has won billions of dollars for her clients. For example, it was one of the largest law firms representing victims in the massive BP oil spill settlement. It also won the largest civilian tort in history for soldiers and veterans of Camp Lejeune.