Healthcare Information Security

HIPAA and Compliance News

Patient Files Another Class Action Community Health Systems

By Patrick Ouellette

- Community Health Systems, Inc. (CHSI) is facing more legal action resulting from its data breach that affected 4.5 million patients, as patient Briana Brito filed a class-action lawsuit against CHSI on September 19.

Brito, who was hospitalized at Alta Vista Regional Hospital in Las Vegas, which is owned by CHSI, filed the suit in the 4th Judicial District Court in San Miguel County in New Mexico. According to the suit, “now faces a substantial increased risk of identity theft, if not actual identity theft” because CHSI didn’t notify patients in a timely manner, the Washington Times reports. And reports that the suit alleges CHSI “failed to implement and follow basic security procedures, subjecting patients to identity thieves.”

Brito and the class plaintiffs are looking for unspecified damages related to identity theft, consumer credit protection and insurance and attorneys in New Mexico and Texas are joining Brito to seek class action.

Sutter Health breach case plaintiffs petition Supreme Court

As they planned in July, plaintiffs in the privacy breach suit against Sutter Health have petitioned the California Supreme Court to review the case.

For background, an unencrypted laptop containing 4 million patient records was stolen from a Sutter Medical Foundation Sacramento office in 2011. The Third District Court of Appeal of California ruled this summer that Sutter Medical Foundation hadn’t violated the Confidentiality of Medical Information Act (CMIA). But, according to the Recorder, the plaintiffs’ attorneys believe the Supreme Court should look at the inconsistencies between the Third District’s opinion and the Second District Court of Appeal’s decision, which said that Sutter had in fact violated CMIA and there was true harm caused by the breach.

“Review by this court therefore is necessary to secure uniformity of decision,” the lawyers wrote in their petition, “to provide guidance to [the Department of Public Health] regarding the proper scope of its regulatory role in this area, and to protect the informational privacy rights of all Californians, whose highly-sensitive medical records are increasingly at risk in this digital age.”

Sutter Health’s legal team will refute the petition by saying the two courts agreed that a theft of confidential medical doesn’t mean an unauthorized person viewed the information. “There is and was no question about the uniformity of decision in the two cases,” Sutter’s lawyers wrote. “Their respective conclusions are clear, straightforward, and not subject in any way to disagreement.”

HIPAA waiver deemed enforceable by Eleventh Circuit judge

A Florida medical malpractice law that forces prospective patients to sign HIPAA waivers doesn’t go against the spirit of the federal regulation, according to an Eleventh Circuit ruling on Friday.

Law360 reports that Florida state law requires patients to authorize a potential defendant provider to interview the patient’s other treating healthcare providers (without their attorney present) before they can file a medical negligence claim.

U.S. District Judge Robert L. Hinkle ruled in September for Plaintiff Glen Murphy, who argued that the law goes against HIPAA privacy laws. But the Eleventh Circuit said that authorization “shall be construed in accordance with the ‘Standards for Privacy of Individual Identifiable Health Information’ found in HIPAA’s privacy rule.”

“The Florida law requires only that a prospective plaintiff act in accordance with a federal provision, exactly as contemplated by Congress and the secretary who promulgated the regulations, before filing a medical negligence complaint in state court,” the opinion read, according to Law 360.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...