There’s a follow-up to a breach disclosed in March by the Children’s National Medical Center. Tina Reed reports:
Children’s National Health System is facing a potential class-action lawsuit following the hack of the personal data of up to 18,000 patients last year.
Fardoes Khan, a longtime patient at Children’s, filed the suit after receiving a letter in February from Children’s informing her and other patients that their Social Security numbers, addresses, birth dates and telephone numbers were compromised. Personal health data — including diagnosis, treatment received, medical record number, medical record service codes and health insurance information — were also part of the data breached.
The suit, originally filed in Montgomery County, was moved to federal court last week.
Read more on Washington Business Journal.
It doesn’t seem that plaintiffs are claiming any actual injury such as credit card fraud or tax refund fraud, etc. The claim is based mostly on risk of future harm and statutory penalties. The one thing in their complaint that makes sense to me is that they are seeking credit monitoring services, which CNHS did not offer those affected. I haven’t looked at the complaint yet to see if they’re also seeking a monitoring service to prevent medical identity theft.