Seaborn Larson reports:
Kalispell Regional Healthcare, northwest Montana’s largest healthcare provider, was sued late last month by one of the 130,000 patients whose information was possibly compromised in a data breach announced by the hospital in October.
William Henderson, represented by Billings attorney John Heenan, filed the civil complaint in Cascade County District Court on Nov. 25. The suit alleges Kalispell Regional Healthcare failed to take the necessary steps to protect patients’ private information before the breach.
Read more on ABC Fox Montana.
Note that this suit is reportedly filed under the Montana Uniform Health Care Information Act, which does allow residents to sue for pecuniary damages but also if there has been willful or grossly negligent conduct. In this case, the plaintiffs appear to be arguing, in part, that because employees fell for a phishing attack, Kalispell was negligent and hadn’t followed industry best practices.
It will be an interesting case to watch. I’ve emailed the plaintiff’s lawyers to see if they will share a copy of the complaint.