DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Accretive moves to dismiss AG's law suit

Posted on April 30, 2012 by Dissent

John O’Brien recaps the Accretive Health news reported on this blog last week (here, here, and here):

 A New York City law firm has followed up on Minnesota Attorney General Lori Swanson’s lawsuit against Accretive Health, filing a securities class action suit against the company.

In January, Swanson filed a suit against Accretive, a Chicago company that engages in medical debt collection, for allegedly failing to protect patient health care confidentiality. Last week, the firm Bernstein Liebhard initiated a shareholder suit that alleges the company and some of its executives failed to disclose they were violating health privacy laws.

Accretive’s stock plunged 42 percent last week after Swanson released a report on her investigation. It says the company may have violated state and federal laws by asking patients to pay their bills as they sought care.

But Accretive is fighting back and issued a press release today:

Accretive Health, Inc. today filed a motion to dismiss the Minnesota Attorney General’s Complaint in federal district court in Minnesota. The motion denies the Attorney General’s claims and requests that the Court dismiss the complaint, in its entirety, with prejudice. As stated in the motion, the Company believes “…the Attorney General’s First Amended Complaint includes allegations that are factually baseless and legally indefensible. What is worse is that rather than litigate this case in the courtroom, the Attorney General orchestrated a nationwide media campaign against Accretive Health.”

The motion includes the following grounds for dismissing the case:

1) The core of this case involves the criminal theft of a password-protected laptop. Under the federal Health Insurance Portability and Accountability Act (HIPAA) and the Minnesota Health Records Act, a company cannot be held liable for the unforeseeable criminal act of a third party stealing a corporate laptop. Further, in the ten months since the laptop was stolen, there is no evidence (and the Attorney General does not even claim) that any patient data has been compromised. As a result, in the absence of any injury, the Attorney General lacks legal standing to pursue claims under HIPAA and the Minnesota Health Records Act as a matter of law.

2) On February 3, 2012, Accretive Health entered into a Consent Order with the Minnesota Department of Commerce to address its debt collection practices in Minnesota. Accretive Health continues to work cooperatively with the Department of Commerce. Under fundamental principles of law, the Attorney General is barred from pursuing the identical claims already addressed by a fellow state official.

3) The Attorney General’s consumer fraud claims are baseless in fact and law. In particular, it is undisputed that information about Accretive Health’s Quality and Total Cost of Care (“QTCC”) services at Fairview Health System, aimed at developing strategies to reduce emergency room admissions and in-patient stays for the sickest five percent of patients, were widely disseminated to the public in securities filings and media accounts, defeating any fraud claim.

As with all litigation, no assurance can be provided as to the outcome of the matters discussed herein.

[…]

Interesting that they say, “Under the federal Health Insurance Portability and Accountability Act (HIPAA) and the Minnesota Health Records Act, a company cannot be held liable for the unforeseeable criminal act of a third party stealing a corporate laptop.” I would argue that theft of an unencrypted laptop from an unattended vehicle actually is a foreseeable act given how many reports of laptop thefts from cars have been reported in the media over the years.

We’ll see what the court says.

Category: Health Data

Post navigation

← ICANN to notify domain applicants of data breaches
Vol State: Personal information found vulnerable for 14,000 students, faculty →

2 thoughts on “Accretive moves to dismiss AG's law suit”

  1. Anonymous says:
    May 6, 2012 at 5:37 pm

    Accretive states it was an”password-protected laptop.” Is Accretive claiming that password protection means HIPAA compliant?

    Or is that statement to be attributed to ignorant legal representation or poor press release prose?

    1. Anonymous says:
      May 6, 2012 at 9:38 pm

      I doubt they are suggesting that password protection is sufficient. I think they’re focusing on the damages aspects of state attorney general provisions, but the statute says “threats” to residents, which a stolen unencrypted laptop does pose, in my opinion. And there are statutory damages that can be awarded. I don’t MN law, but I think the state AG can sue them under HIPAA.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.