DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Analysis of Health Care Data Breach Litigation Trends

Posted on July 8, 2016 by Dissent

The law firm of Bryan Cave lists nine factors entities should look at when considering the risk that litigation poses following a breach. They note:

 Specifically, unless a plaintiff has been the victim of identity theft or has suffered some other type of concrete injury, most courts have refused to let them proceed based solely on the allegation that they are subject to an increased risk of harm as a result of the breach.

They then go on to list factors to consider in assessing risk:

  1. Was the quantity of records lost lower, or greater, than the average number of records involved in recent class action lawsuits?
  2. Were the records lost encrypted, obscured, or de-identified?
  3. Could the type of information lost be used to commit identity theft?
  4. Did patients suffer any direct monetary harm?
  5. Has there been any evidence of actual identity theft?
  6. Could the data loss hurt the reputation of a patient or cause emotional distress?
  7. Did you offer credit monitoring, identity theft insurance, and/or credit repair services?
  8. If so, what percentage of impacted consumers availed themselves of your offer?
  9. If filed as a class action, is the class representative’s claim of identity theft premised on unique facts?

Unfortunately, the article doesn’t indicate whether their list of factors is ranked in order of importance/predictive value or is just in random order. Looking at their list, I think 3, 4, 5, and 6 may be the most predictive of whether standing would be conferred, but I’ve written to them to ask their opinion, and will update this post if I get a response.

Their article also lists allegations plaintiffs have made that courts have not found sufficient to confer standing and allegations which some courts have found sufficient to confer standing.

Read the article here.

For another perspective on the risks of litigation with reference to specific court opinions, read  No harm, no foul? Private and public litigation in cybersecurity law.

No related posts.

Category: Commentaries and AnalysesHealth Data

Post navigation

← Insurance broker fined $1K for not following MPI privacy rules
Caldicott’s health security reform fails to address basic cyber hygiene →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.