Commentaries and Analyses – Page 594

Hold On, You Didn’t Overpay for That: Courts Address New “Overpayment” Theory from Plaintiffs in Data Breach Cases

Posted on August 11, 2016 by Dissent

Andrew C. Glass, David D. Christensen and Matthew N. Lowe of K&L Gates write: With the ever-increasing amount of personal information stored online, it is unsurprising that data breach litigation has become increasingly common. A critical issue in nearly all data breach litigation is whether a plaintiff has standing to pursue claims—especially where there is…

What HHS may not do, a state might

Posted on August 10, 2016 by Dissent

Back in June, 2014, this site noted two breaches disclosed by Rady Children’s Hospital in San Diego that involved patient data being disclosed to job applicants. Later that month, we learned that in the process of investigating the two known breaches, Rady uncovered two more such breaches. Rady duly notified HHS in June, 2014. More than two years later, there…

Analysis of World Check data leak by Risk Based Security: Hackers & Collectives

Posted on August 10, 2016 by Dissent

From RBS: In early July, it was revealed that a Thomson Reuters service known as World-Check had licensed information to a client that subsequently failed to secure the database. The leak, discovered by Chris Vickery, affected over 2.2 million persons identified as “heightened-risk individuals” that had been included in the World-Check database between 3/17/2000 and 9/17/2014. Shortly after the discovery, Risk…

Analysis of July healthcare data breaches

Posted on August 9, 2016 by Dissent

What kind of month was July for breaches involving health information. I counted 39 incidents reported during the month. Read Protenus’s blog for an analysis of the incidents. Update: Tom Sullivan of HealthcareITNews has a great write-up on the blog post.

An Assessment of the Anthem Data Breach Litigation Rulings

Posted on August 8, 2016 by Dissent

David Silverman writes: [Eric’s intro: this blog post helps distill Judge Koh’s two rulings, In re Anthem Inc. Data Breach Litig., No. 15-MD-02617 (N.D. Cal. Feb. 16, 2016) (“Anthem I”) and In re Anthem Inc. Data Breach Litig., No. 15-MD-02617 (N.D. Cal. May 27, 2016) (“Anthem II”). These are complicated opinions, and I hope this post helps…

Third Circuit Considers Injury-in-Fact Requirement for Data-Breach Class Actions

Posted on August 6, 2016 by Dissent

Natalie Garcia and Charles W. Mondora write: Two class actions currently pending in the United States Court of Appeals for the Third Circuit, In re Horizon Healthcare Services Inc. Data Breach Litigation (D. N.J. Mar. 31, 2015), appeal docketed, No. 15-2309, and Storm v. Paytime, 90 F.Supp. 3d 359 (M.D. Pa. 2015), appeal docketed, No. 15-3690, are being monitored closely…