Rachel Z. Arndt reports the latest development in litigation stemming from a 2014 data breach disclosed by the University of Pittsburgh Medical Center. Within a year, more than 800 employees had reportedly become victims of tax refund fraud/identity theft.
The Pennsylvania Supreme Court last week revived an employee lawsuit against UPMC stemming from a data breach, ruling that companies must protect digitally stored employee data.
The UPMC health system is responsible for protecting the data it required its employees to provide, the court ruled. Employees sued the system for breach of contract after hackers stole the personal information of about 62,000 current and former employees. Hackers used the data—which included Social Security numbers, tax information, and bank account numbers—to file fraudulent tax returns and then to get the related tax refunds.
Read more on Modern Healthcare.