Ian Fullerton reports the latest development in a case that I’ve been following on PHIprivacy.net and this site since August 2013:
Advocate Medical Group has been cleared in a case charging the organization with compromising patient privacy following a 2013 breach of its records.
The lawsuit alleged that patients of Advocate had been put at risk after computers were stolen from the company’s administrative building in Park Ridge.
A panel of the Illinois Second District Appellate Court in Elgin recently upheld the decisions of two Illinois trial judges who had dismissed the lawsuit.
Read more on Chicago Tribune. And yes, it was a standing issue, as the harm alleged was only “speculative.”
According to HHS’s public breach tool, HHS/OCR’s investigation of the incident appears to be still open. Will HHS do what the courts did not do and hold Advocate Medical Group accountable? The Illinois Attorney General’s Office was also reportedly investigating the breach, but I don’t recall ever seeing any follow-up from them.