Sut­ter sued over theft of com­puter with pa­tient data

Modern Healthcare - - LATE NEWS -

A class-ac­tion law­suit was filed against Sut­ter Health in con­nec­tion with the theft of a desk top com­puter that held per­son­ally iden­ti­fi­able data of nearly 4.3 mil­lion pa­tients (see re­lated story, p. 20). The suit asks a Cal­i­for­nia court to re­quire Sut­ter to en­crypt its data at rest and seeks $1,000 a per­son in dam­ages for each mem­ber of the class of nearly 1 mil­lion peo­ple whose records were on the stolen of­fice com­puter. The 10-page com­plaint filed in Sacra­mento Su­pe­rior court names Karen Pardieck as the lead plain­tiff and Sut­ter Health, Sut­ter Med­i­cal Foun­da­tion and Sut­ter Physi­cian Ser­vices as de­fen­dants. Pardieck re­ceived a let­ter dated Nov. 16 from Sut­ter Med­i­cal Foun­da­tion CEO Tom Blinn in­form­ing her of the breach, ac­cord­ing to the com­plaint. The pro­posed class con­sists of “more than 944,000 Sut­ter pa­tients” who re­ceived sim­i­lar let­ters. Sut­ter dis­closed in a Nov. 16 state­ment that the com­puter was stolen from an ad­min­is­tra­tive of­fice in Sacra­mento the week­end of Oct. 15. The law­suit con­tends that Sut­ter failed to prop­erly se­cure the med­i­cal in­for­ma­tion in vi­o­la­tion of the Cal­i­for­nia Con­fi­den­tial­ity of Med­i­cal In­for­ma­tion Act. It specif­i­cally al­leges that “Sut­ter is and was neg­li­gent by fail­ing to store its pa­tients’ med­i­cal in­for­ma­tion in an en­crypted form” and “un­rea­son­ably de­layed” its no­ti­fi­ca­tion for at least 30 days in vi­o­la­tion of state law. Sut­ter Com­mu­ni­ca­tions Di­rec­tor Karen Gar­ner said in an e-mail that Sut­ter hadn’t re­viewed the com­plaint and couldn’t com­ment on pend­ing lit­i­ga­tion. “I do want to re­it­er­ate that we take our re­spon­si­bil­ity of pro­vid­ing qual­ity care very se­ri­ously, and that in­cludes pro­tect­ing our pa­tients’ per­sonal and med­i­cal in­for­ma­tion.”

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.