Christie Clinic
Data Breach

The Lyon Firm is actively involved in healthcare privacy and data theft cases and is currently investigating Christie Clinic data breach claims on behalf of victims in Illinois and nationwide.

According to a recent filing by the company, Christie Clinic reported suspicious activity on a company email account. Christie Clinic began an investigation of the security incident and confirmed that between July 14, 2021 and August 19, 2021, an unauthorized party accessed the email account and its contents.

Compromised information may include the following:

• Name
• Address
• Social Security number
• Medical information
• Health insurance information

On March 10, 2022, Christie Clinic identified the impacted individuals and began sending out data breach notification letters.

Established in 1928, Christie Clinic (Christie Business Holding Company, P.C.) is an Illinois medical practice with multiple locations throughout Illinois. Christie is based in Champaign, Illinois and employs approximately 900 people.

Joe Lyon is a highly-rated data breach lawyer and Privacy Attorney representing plaintiffs nationwide in class action security breach lawsuits.

Can You Sue following the Christie Clinic Data Breach?

Entities that collect and store data have a duty to protect personal information to the best of their ability. When they are negligent, and a data theft incident occurs, they may be liable for the following:

• Improperly monitoring data security systems for existing intrusions
• Not ensuring that vendors with access to computer systems and data employ reasonable security procedures
• Improperly training employees in handling emails containing personal data and maintain adequate email security practices
• Failure to implement technical policies and procedures to allow electronic data access only to individuals or software programs granted access rights
• Failure to implement procedures to review records of information system activity regularly, such as audit logs, access reports and security incident tracking reports
• Improperly protecting against reasonably anticipated threats or hazards to the security or integrity of stored data

An experienced class action privacy attorney can determine if you are eligible to file a data breach lawsuit or join a class of plaintiffs. Lawyers investigating the matter can assist in determining the following:

• Did the Christie Clinic fail to adopt security safeguards that would have prevented a breach?
• Did Christie Clinic notify customers as soon as it learned of the incident?
• Did Christie provide a complete list of all individuals impacted?
• Did Christie provide security in line with industry standards?

The HIPAA Breach Notification Rule calls for data breach notifications to be issued to the Secretary of the Health and Human Services “without unnecessary delay.” No later than 60 days after the date of discovery of a data breach, healthcare entities have a duty to alert the government and begin preparing to alert the public.

Consumer privacy attorneys say there has been a trend for HIPAA-regulated entities to wait as long as possible before alerting affected individuals, a practice that place consumers at a higher risk of identity theft and fraud.

In many cases, data breach notifications have been sent out many months after a security breach incident was detected. There may be valid reasons for a delay in reporting, though in some cases this institutes a severe disservice to those impacted by a data theft event.

Delays to individual data theft notifications could mean individuals’ Personal Health Information (PHI) has been in the hands of criminals for many months before they are even aware about the data theft.

Privacy lawyers claim promptly sending out individual data breach notification letters and being transparent about the fraud risk for individuals is not only ethical, but the only way to avoid stiff penalties.

The HHS has made it clear that if healthcare entities do not comply with the 60 day rule from the date of data breach discovery, they may be liable for notification violations.

Hundreds of companies across the nation have suffered data breaches in the last couple of years and have spawned dozens of class action lawsuits that seek to compensate victims for the damage and stress it has caused in their lives. If you have received a data breach notification letter, contact a data privacy lawyer to review.

Security breach settlements have recovered millions of dollars for victims. If you have been a victim of a security breach, contact a lawyer to discuss the data theft litigation process.

Joe Lyon is a highly-rated Privacy Attorney representing plaintiffs nationwide in class action security breach lawsuits.

What Do We Know About the Christie Clinic Data Breach?

Regardless of the reason for a security breach, victims have the right to file a claim against a company for failing to protect their information, and can lead to a class action lawsuit.

All companies and organizations must exercise reasonable care in protecting patient information, and if they do not, they can be held liable for the damages that result, including identity theft.

Security breach plaintiffs and privacy attorneys representing plaintiffs have been able to settle multi-million dollar recoveries. If you or a loved one has received notice of a data breach affecting you, or suspect signs of identity theft, contact a lawyer for a free consultation.

Individuals can be ruined financially and emotionally, and deserve proper online security measures. But many companies and hospitals violate privacy laws and consumer rights, and thus face legal action.

After a data breach turns your life upside down, remember that you are not the only victim. There are millions of Americans who suffer from data privacy every year, and in turn, seek legal action for compensation and to hold companies accountable for negligent security systems.

If you want more information on current data breach litigation and how to file a data theft class action lawsuit, contact The Lyon Firm for a free and confidential Christie Clinic case review.

How Do Data Breaches Occur?

A data breach typically occurs in malware, phishing attacks or ransomware attacks when a hacker or cybercriminal gains access to sensitive personal information that has been collected and stored on a company’s servers. Hackers often target organizations with weak or outdated security practices.

Once the information is obtained, it can be sold to third parties to use in identity theft or other fraudulent data theft schemes. Victims are at an increased risk of identity theft and financial losses.

If you have received a letter from Christie Clinic about a recent security incident, contact a class action privacy attorney.

Can You Sue For Data Breach?

Data Theft Lawyers believe companies who collect and store personal data have an ethical and legal duty to protect it to prevent data theft. Creating a proper network security system is expensive, however, and many medical facilities attempt to bypass these necessary costs. If a hospital or health entity like Christie Clinic fails to protect consumers’ and patients’ sensitive information, and data is stolen, they may be held liable.

The Lyon Firm encourages all potentially affected individuals in the security breach to act quickly and remain vigilant against potential medical identity theft and fraud by reviewing account statements, medical bills and credit reports. Contact a privacy attorney to review your case.

Companies have a duty to engage in the following system security measures:

• Properly monitor data security systems for existing intrusions
• Ensure that vendors with access to computer systems and data employ reasonable security procedures
• Train employees in the proper handling of emails containing PII and PHI and maintain adequate email security practices
• Implement technical policies and procedures to allow electronic PHI access only to individuals or software programs granted access rights
• Implement procedures to review records of information system activity regularly, such as audit logs, access reports and security incident tracking reports
• Protect against reasonably anticipated threats or hazards to the security or integrity of electronic PHI

What to do if You are a Victim of the Christie Data Breach?

After your data is stolen, you may always be at risk for future identity theft and fraud. But, you can protect yourself with identity theft coverage and subscribing to an ID Theft Recovery service.

It’s important to stay alert and watch for signs of illegal activity that uses your accounts. If you happen to see unusual activity, take the appropriate actions described above to help protect yourself. If you want more information on what to do when a data breach impacts you, call The Lyon Firm or visit the FTC identity theft website.

Remember that you are not the only victim of a data breach. There are millions of Americans who suffer from data privacy events, many of whom seek legal action for compensation and to hold companies accountable for negligent security systems.

Healthcare Security Breach 

The rise of healthcare hacks have left millions of patients vulnerable to stolen medical records and identity theft. The vast majority of hospitals and health insurance companies have reported medical record data breaches, and although it is unknown what can be done with medical data, patient’s financial data and personal information can easily be used in nefarious ways.

With the rise of electronic medical data storage in place of old paper files, there are more and more instances of healthcare related security breach incidents and subsequent class action lawsuits.