Governance , Incident & Breach Response , Legislation & Litigation
Patients Whose HIV Test Results Were Exposed Will Get $75 Marianne Kolbasuk McGee (HealthInfoSec) • October 29, 2019A federal court has given preliminary approval for a $195,000 settlement of a class action lawsuit filed against medical testing laboratory Quest Diagnostics in connection with a 2016 data breach affecting 34,000 individuals that exposed HIV-testing information of some patients.
See Also: The Application Security Team's Framework For Upgrading Legacy Applications
The agreement, which was negotiated by mediators and approved on Oct. 25 by a New Jersey U.S. district court judge, settles a class action filed in 2017 in the aftermath of a November 2016 hacking incident involving Quest's MyQuest by Care360 internet application. The settlement comes after plaintiffs filed their original complaint in 2017 and then subsequently filed two amended complaints.
In a breach notification statement issued in 2016, Quest Diagnostics said that "an unauthorized third party" accessed the web application and obtained protected health information of approximately 34,000 patients.
The lawsuit against Quest Diagnostics alleges, among other claims, that the Secaucus, New Jersey-based company failed to safeguard its clients' PHI - including laboratory test results and personal identifying information such as names, dates of birth, and phone numbers - and also failed to provide "timely, accurate and adequate notice to plaintiffs and other class members that their private information had been stol ..
Support the originator by clicking the read the rest link below.
