Law360 reports:
Adventist Health System/Sunbelt Inc. was slammed Tuesday by a class action in Florida federal court alleging it violated patients’ privacy rights by failing to prevent emergency room workers from selling access to the health care organization’s medical records database.
The complaint in Faircloth v. Adventist Health System/Sunbelt, Inc. stems from the insider breach at Florida Hospital Celebration, reported previously on this blog. Former employee Dale Munroe was arrested last year and pleaded guilty in January.
Read more on Law360.com (subscription required).
Update: I’ve uploaded the complaint and attachments to DataLossDB.org (free reg. required). The complaint alleges violations of HIPAA and industry (NIST) standards for data security. It also makes the argument that the $4,000 the plaintiff paid for his medical care included the protection of his sensitive information, and since FH failed to protect it, he got less than what he paid for.