Three more recent announcements of lawsuit settlements involving healthcare entities. Two of the following involve ransomware and Massachusetts entities; the third is a phishing attack on an Arkansas entity.
North Shore Pain Management and Resolve I.T.
North Shore Pain Management has set aside $200,000 to settle a class action lawsuit that claimed the company and Resolve I.T. Inc. did not adequately protect personal information.
The class includes any person who received a notification that was sent by or on behalf of North Shore Pain Management regarding a data security incident that occurred in April 2020. At the time, DataBreaches criticized the entity for not disclosing that this was a ransomware attack by Ako ransomware operators and that protected health information had been dumped publicly.
The case is Kappotis, et al. v. North Shore Pain Management, Case No. 2077-CV-00611C, in the Essex County Massachusetts Superior Court. The settlement website is NorthShoreSettlement.com.
Sturdy Memorial Hospital
Top Class Actions also reports that Sturdy Memorial Hospital has agreed to reimburse out-of-pocket losses, lost time and extraordinary losses as well as credit monitoring services as part of a class action settlement regarding a data breach the hospital discovered in February 2021.
As reported in 2021, Sturdy disclosed that they paid ransom to get assurances that patient data was being deleted and not disseminated.
The case is Shedd, et al. v. Sturdy Memorial Hospital Inc. Case No. 2173-CV-00498 and 2273-CV-00162 in the Commonwealth Of Massachusetts, Superior Court, Bristol County. The official settlement website is SturdySettlement.com
Conway Regional Medical Center
Top Class Actions reports that Conway Regional Medical Center in Arkansas has set aside $295,000 to resolve a class action lawsuit that alleged the hospital did not adequately protect information and exposed patients’ health and personal data to criminals. The 2019 email phishing incident did not seem to get a lot of media coverage, but was reported by KATV.
The case is Marshall, et al. v. Conway Regional Medical Center Inc., Case No. 23CV-20-771, in the Faulkner County Arkansas Circuit Court. The official settlement website is ConwayDataSettlement.com.