Orthopedic and neurosurgery practice, Rebound Orthopedics & Neurosurgery P.C. based in Vancouver, WA, agreed to a $2,500,000 settlement in a class action lawsuit over a February 2024 data breach that exposed the protected health information (PHI) of 426,536 patients.
Security Incident Details
Rebound Orthopedics & Neurosurgery experienced unauthorized access to its systems in February 2024, resulting in potential exposure of patient information including names, birth dates, health information, medical insurance data, Social Security numbers, financial account details, passport numbers, and driver’s license numbers. In compliance with HIPAA breach notification laws, the practice began notifying affected individuals on April 15, 2024.
Litigation and Settlement
The first lawsuit related to the data breach was filed on February 7, 2025, in the Superior Court for Clark County, Washington. Five additional class actions were consolidated under the Cooper, et al. v. Rebound Orthopedics & Neurosurgery P.C.
Rebound does not admit any claims of fault, wrongdoing, or liability in the litigation. Nevertheless, the parties agreed to settle to avoid the burdens and uncertainties of continued litigation. A $2,500,000 settlement fund is created to cover attorneys’ fees, notification and settlement costs, service awards, and benefits for class members.
Settlement Benefits and Deadlines
Class members may claim a CyEx Medical Shield Complete credit and medical data monitoring service membership for two years. They can also choose to claim cash payment in one of two options. The first option is a refund for documented, unreimbursed losses up to $5,000. The second option is a pro-rata cash payment estimated at $75 per class member.
The deadline to submit a claim and to object to or opt out of the settlement is May 28, 2026. The final fairness hearing is scheduled for June 12, 2026.
Image credit : bixpicture, Adobestock / logo©Rebound
