San Juan Regional Medical Center
A cyberattack has resulted in a large amount of deleted data belonging to patients San Juan Regional Medical Center in New Mexico. According to officials, an unauthorized individual breached the network of San Juan Regional Medical Center in September 2020.
The hack was reported to the United States Department of Health and Human Services’ Office for Civil Rights on June 4 as a network server security incident impacting over 68,000 individuals.
The Lyon Firm is currently involved in a number of class action data breach lawsuits, representing plaintiffs nationwide. If you have had your data stolen, contact Joe Lyon for a free and confidential consultation.
In a statement released on October 7, the hospital said the following:
“After an extensive forensic investigation, we determined that as part of this incident, an unauthorized individual removed information from our network September 7–8, 2020.”
Files reportedly contained personal and protected health information of certain patients, including the following:
When personal data is stolen, it may be sold and later misused, placing victims at significant risk of fraud and identity theft. Medical data theft has become big business and individuals expect healthcare entities to protect their personal information.
When hospitals like San Juan Medical fail to protect your data, legal action may be necessary to recover rightful compensation.
The Lyon Firm is investigating the San Juan Medical data breach and is actively involved in numerous data privacy cases and has experience filing data security claims on behalf of plaintiffs nationwide.
After your data is stolen, you may always be at risk for future identity theft and fraud. But, you can protect yourself with identity theft coverage and subscribing to an ID Theft Recovery service.
It’s important to stay alert and watch for signs of illegal activity that uses your accounts. If you happen to see unusual activity, take the appropriate actions described above to help protect yourself. If you want more information on what to do when a data breach impacts you, call The Lyon Firm or visit the FTC identity theft website.
Remember that you are not the only victim of a data breach. There are millions of Americans who suffer from data privacy events, many of whom seek legal action for compensation and to hold companies accountable for negligent security systems.
If you want more information on current healthcare data breach litigation and how to file a data theft class action lawsuit, contact The Lyon Firm for a free San Juan data breach case review.
The rise of healthcare hacks have left millions of patients vulnerable to stolen medical records and identity theft. The vast majority of hospitals and health insurance companies have reported medical record data breaches, and although it is unknown what can be done with medical data, patient’s financial data and personal information can easily be used in nefarious ways.
With the rise of electronic medical data storage in place of old paper files, there are more and more instances of healthcare related security breach incidents and subsequent class action lawsuits.
An experienced class action attorney can determine if you are eligible to file a data breach lawsuit or join a class of plaintiffs. A lawyer can assist in determining the following:
ABOUT THE LYON FIRM
Joseph Lyon has 17 years of experience representing individuals in complex litigation matters. He has represented individuals in every state against many of the largest companies in the world.
The Firm focuses on single-event civil cases and class actions involving corporate neglect & fraud, toxic exposure, product defects & recalls, medical malpractice, and invasion of privacy.
NO COST UNLESS WE WIN
The Firm offers contingency fees, advancing all costs of the litigation, and accepting the full financial risk, allowing our clients full access to the legal system while reducing the financial stress while they focus on their healthcare and financial needs.
Without data breach class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.
Holding companies accountable for poor cybersecurity and data theft incidents helps ensure that consumers are better protected in the future.
Yes, in most cases. However, each case is different, but some recent lawsuits have proven to be quite valuable. In one data breach suit, Ohio Attorney General and attorneys general in other states obtained a $17.5 million settlement against The Home Depot due to a data breach in 2014. The settlement resolves a multistate data breach which exposed the payment card information of approximately 40 million Home Depot consumers.
The Home Depot data breach made vulnerable the company’s self-checkout point-of-sale system. In addition to the $17.5 million settlement, The Home Depot has agreed to improve network security and maintain data security practices in order to strengthen its data security program and protect the personal information of consumers.
Under current privacy law the firm or organization that is storing user data are responsible for data breaches and will pay any fines or damages that are the result of legal action. The actual data holder—an organization that provides cloud storage—is not usually legally implicated or held responsible in litigation.
The majority of data breach incidents are accidental, and not actually hacking events. Outside threats do pose personal data risks for consumers, though the bigger risk is the internal security and cloud-based data network. Some common ways data can be compromised include:
Privacy laws are meant to protect patients’ personal health data, and when institutions fail to protect personal data they may be sued for damages. In recent years much health data has been leaked and stolen, causing significant damages to plaintiffs who have have taken legal action.
In a recent case the American Medical Collection Agency (AMCA) settled with nearly 21 million people in 40 states and Washington D.C. concerning a data breach that may have exposed their personal information. The breach, which occurred in 2018, lasted nearly a year until official notice of the intrusion.
An unauthorized user gained access to the AMCA internal data system and collected the personal information, including Social Security numbers, financial information, and personal health information, such as medical tests and diagnostic codes.
Quest Diagnostics was alerted that the hack exposed the personal medical data of 11.9 million of its patients. LabCorp had 7.7 million patients exposed. A number of class action lawsuits were filed throughout the country, alleging negligence, breach of contract, and a variety privacy violations concerning data security.
A Class Action is a lawsuit brought by an individual on behalf of all other similarly situated individuals. Rule 23 of the Federal and State Rules of Civil Procedure allows for Class Action lawsuits to resolve disputes in an efficient format.
Class Actions are typically filed when the amount of money in dispute for a single plaintiff would not justify litigating the case, but where the amount of damages of the entire class of Plaintiffs would justify the cost of litigation. Without class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.
In order for a case to be certified as a Class Action, the Court must determine that the case is appropriate for class action treatment under Rule 23. There are different elements depending on whether the case is seeking monetary or injunctive relief. In general, the Court must find the following elements are satisfied:
Following a data breach incident, victims should consider talking to a legal expert, and move quickly to take the following steps to help prevent identity theft and fraud: