Settlement of Class Action Lawsuits by Gifted Healthcare and Presbyterian Healthcare Services

Settlement Offered to Settle Gifted Healthcare Data Breach Lawsuit

Gifted Healthcare has offered to settle a class action lawsuit that claimed negligence for not implementing appropriate cybersecurity steps that resulted in a data breach. The nursing agency based in Metairie, LA detected suspicious activity in the email account of an employee. The forensic investigation revealed that unauthorized individuals accessed three email accounts from August 25, 2021 to December 10, 2021. The analysis of the accounts was finished in July 2022, which confirmed the exposure of the personal data of 13,221 potential, present, and past employees, including names, financial account details, and Social Security numbers.

In response to the breach, the class action lawsuit Cheryl Covington V. Gifted Nurses LLC d/b/a Gifted Healthcare had been filed. Allegedly, the plaintiff and class sustained injuries because of the misuse of their information, which included fraudulent efforts to open bank accounts, reduced credit scores, and out-of-pocket expenditures for mitigation steps. The lawsuit claimed the breach victims will have to deal with an increased risk of data misuse, fraud, and identity theft for a long time. Besides negligence, the lawsuit claimed negligence per se, violation of privacy, unjust enrichment, and breach of express/implied contractual duty.

Gifted Healthcare did not admit to any wrongdoing but opted to resolve the lawsuit. The settlement has gotten preliminary court approval and settles all claims included in the lawsuit. Class members can file claims for as much as $400 to pay for documented, unreimbursed expenses resulting from the breach, for instance, communication costs and banking charges. Claims could likewise be filed for as much as $4,000 for extraordinary expenditures like losses to fraud and identity theft. All class members can get free credit monitoring and identity theft protection services for three years. Class members who don’t like the credit monitoring services can alternatively get a $50 cash payment. May 20, 2024 is the last day to file an objection to or exclusion from the settlement. Claims should be filed on or before September 16, 2024. The final approval hearing will be on August 1, 2024.

The plaintiff and class legal representatives are lawyers from the law firms Turke & Strauss, LLP; Gregory, Doyle, Calhoun & Rogers, LLC; Branstetter, Stranch & Jennings, PLLC, and Cohen & Malad, LLP.

Presbyterian Healthcare Services to Resolve Email Breach Lawsuit

Presbyterian Healthcare Services has offered to settle a class action lawsuit that was submitted by patients who had their protected health information (PHI) compromised in a phishing attack in 2019. In June 2019, the healthcare system based in New Mexico identified hackers had acquired access to some employees’ email accounts after they replied to phishing email messages. The email accounts included the names, birth dates, clinical data, health plan data, and Social Security numbers of 183,370 health plan members and patients.

In response to the data breach, a class action lawsuit was filed alleging that Presbyterian Healthcare Services failed to apply acceptable cybersecurity procedures and follow industry-standard cybersecurity protocols. The breach and potential HIPAA violation could have been avoided if those procedures were enforced. Presbyterian Healthcare Services did not concur with the accusations but has decided to resolve the lawsuit without admitting wrongdoing or responsibility.

As per the conditions of the settlement, people who were informed concerning the breach by Presbyterian Healthcare Services in 2019 can file claims of a maximum of $5,750 as a refund for out-of-pocket expenditures and losses sustained because of the data breach. They will additionally be eligible for a year of free credit monitoring services, which comes with an identity theft insurance policy worth $1 million.

Claims of as much as $750 can be sent for regular out-of-pocket costs like credit costs, communication expenses, and up to 3 hours of lost time worth $15 an hour. Claims may likewise be filed for around $5,000 to pay for extraordinary losses, which are recorded, unreimbursed losses associated with identity theft and fraud.

The court has given final approval of the settlement and claims need to be filed on or before May 16, 2024.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

John Blacksmith

John Blacksmith is a journalist with several years experience in both print and online publications. John has specialised in Information technology in the healthcare sector and in particular in healthcare data security and privacy. His focus on healthcare data means he has specialist knowledge of the HIPAA regulations. John has a degree in journalism.