Quest Shells Out $195K to Settle Massive HIV Data Breach Class Action
Government fines, public embarrassment, loss of provider and patient trust. As if these consequences weren’t scary enough, massive PHI breaches can expose your lab to a new kind of risk: class action lawsuits by those whose personal information was compromised. Exhibit A is the recent case against Quest Diagnostics. The case began in November 2016 when a massive cyberattack compromised the PHI of nearly 12 million people. Among the victims, the hackers were able to gain access to the SSNs, HIV test results and other personal information of Quest patients via the MyQuest by Care360 internet app. Rather than chase after Quest individually, a group of 34,000 victims banded together to bring a massive class action accusing Quest of negligently failing to safeguard their PHI and provide them timely notification of the breach, among other things. Quest denies the allegations. And who knows what would have happened had the case proceeded to trial. But as is often the case when confronting the risk of not only liability but also liability multiplied by the number of class members, it decided to settle the case. The cost: $195,000, including $250 to each individual who can demonstrate they suffered monetary loss as a […]
Subscribe to view Essential
Start a Free Trial for immediate access to this article