21 results for 'cat:"Health Care" AND cat:"Privacy"'.
J. Bethel finds that the appeals court improperly overturned the trial court's denial of class certification in a negligence, contract and invasion of privacy action brought by the patient against the owner of a behavioral health and addiction treatment facility. The patient alleged an employee of the facility disclosed his and other patients' information without authorization. The trial court correctly found that the proposed class lacked typicality. The trial court's analysis and conclusion that some proposed class members had information revealed while the patient bringing the action did not was not unreasonable. Reversed.
Court: Georgia Supreme Court, Judge: Bethel, Filed On: September 4, 2024, Case #: S23G1224, Categories: health Care, privacy, Class Action
J. Aiken partially grants a hospital system’s motion to dismiss a patient’s class action that alleges the hospital system used hidden tracking tools on its website to collect and send personally identifiable information to third parties. The patient didn’t sufficiently prove there was an implied contract for the security of their information on the hospital’s website, though did sufficiently prove claims for unjust enrichment, negligence, unauthorized interception, intrusion upon seclusion and breach of contract.
Court: USDC Oregon, Judge: Aiken, Filed On: August 28, 2024, Case #: 6:23cv1691, NOS: Other Statutory Actions - Other Suits, Categories: health Care, privacy, Class Action
J. Paez finds that the district court improperly entered judgment for the Chief Court Administrators of the Hawaii state courts and held that Hawaii Court records rules requiring that all medical and health records filed in any court proceeding be filed under seal without further order of a judge are unconstitutionally overbroad. A state may not mandate the categorical sealing of all medical and health records. Reversed.
Court: 9th Circuit, Judge: Paez , Filed On: August 28, 2024, Case #: 23-15108, Categories: health Care, privacy
J. Thrash grants the health care provider's motion to dismiss the patients' amended putative negligence, invasion of privacy and breach of fiduciary duty class action. The patients claimed that the provider violated the Electronic Communications Privacy Act by disclosing confidential health information to Facebook through data collection and tracking tools on the provider's website and patient portal. The patients voluntarily gave personal and protected health information to the provider, therefore the patients have not alleged an intrusion into their seclusion. The patients also failed to allege that they suffered damages from receiving targeted ads and failed to state a plausible breach of fiduciary duty claim. The class's motion to appoint interim co-lead class counsel is granted.
Court: USDC Northern District of Georgia, Judge: Thrash, Filed On: August 28, 2024, Case #: 1:23cv5416, NOS: Other Personal Injury - Torts - Personal Injury, Categories: health Care, privacy, Class Action
J. Austin grants a health company dismissal of invasion of privacy claims because plaintiff, a patient who seeks to bring a class action on behalf of herself and similarly situated plaintiffs, failed to demonstrate she suffered injury.
Court: USDC South Carolina Aiken, Judge: Austin, Filed On: August 16, 2024, Case #: 6:23cv3153, NOS: Other Personal Injury - Torts - Personal Injury, Categories: health Care, privacy, Class Action
Want access to unlimited case records and advanced research tools? Create your free CasePortal account now. No credit card required to register.
Try CasePortal for Free
J. Gorton denies two IT companies’ motion for judgment on the pleadings, where they are being sued by an insurance company and an insured health care organization due to a data breach caused by one of the IT company’s employees who left a data port open. This allowed third parties to access patients’ confidential, protected health care information, which the IT companies failed to detect until seven weeks later. The IT companies’ delay in staging its judicial estoppel defense prejudiced the insurance company and its insureds’ ability to respond to the defense.
Court: USDC Massachusetts, Judge: Gorton, Filed On: July 17, 2024, Case #: 1:20cv11997, NOS: Other Contract - Contract, Categories: health Care, privacy, Technology
J. Daniel partially grants a medical center’s motion to dismiss a class action alleging it clandestinely sent personally identifiable health information to companies like Google and Facebook. Two of its patients claim the medical center sent this information to the companies via its online platform, which allows users to schedule appointments, talk with doctors and review their medical history. The patients subsequently filed suit on behalf of two separate classes: Illinois residents and patients nationwide. The court allows their claims for violations of the Electronic Communications Privacy Act and Illinois Eavesdropping Statute to survive, along with their negligence claim. However, the court finds the plaintiffs have not sufficiently alleged their claims for unjust enrichment and violations of the Illinois Consumer Fraud and Deceptive Business Practices Act.
Court: USDC Northern District of Illinois, Judge: Daniel, Filed On: July 9, 2024, Case #: 1:23cv15828, NOS: Other Personal Injury - Torts - Personal Injury, Categories: health Care, privacy, Class Action
J. Pittman finds that the Department of Health and Human services has overstepped its bounds in creating guidelines for a rule that substantially redefine what constitutes Individually Identifiable Health Information (IIHI) that is protected under the Health Insurance Portability and Accountability Act (HIPAA). The guidelines effectively broadened the definition of IIHI so it could potentially include information collected by third parties when an individual accesses an unauthenticated public webpage in search of information about a health condition from an IP address which could be an identifiable datapoint connecting the searched conditions to the individual. This is beyond the original definition of IIHI and thus the action exceeds the agency’s authority at this stage of rulemaking. The hospitals’ request for declaratory judgment is granted; the guidelines issued by the HHS are unlawful.
Court: USDC Northern District of Texas , Judge: Pittman, Filed On: June 20, 2024, Case #: 4:23cv1110, NOS: Other Statutory Actions - Other Suits, Categories: Administrative Law, health Care, privacy
J. Flanagan denies a health care company’s motion to dismiss this action alleging negligence, breach of contract and injunctive relief brought by a class of consumers claiming that the company did not keep their personal information secure. The company further requests the federal government to substitute itself for the company as a party to this suit under a federal health centers assistance law. The law extends immunity to such companies, but only to damages resulting from medical, surgical, dental or related functions. The company’s failure to secure consumers’ information is considered administrative behavior, as opposed to medical or otherwise, so immunity under the invoked law does not cover this claim.
Court: USDC Eastern District of North Carolina, Judge: Flanagan, Filed On: June 17, 2024, Case #: 7:23cv979, NOS: Other Personal Injury - Torts - Personal Injury, Categories: health Care, Tort, privacy
J. Stewart finds the district court properly granted summary judgment in favor of the disability rights advocacy group. The group sought to compel disclosure of video footage related to a client's involuntary confinement. Though the video is protected health information, it may be disclosed “to the extent that...disclosure is required by law and... [is compliant]” under the required-by-law exception. Affirmed.
Court: 5th Circuit, Judge: Stewart , Filed On: June 5, 2024, Case #: 23-20171, Categories: Civil Rights, health Care, privacy
J. Jolly finds the district court properly remanded the class action to state court. The data privacy dispute was brought under allegations the healthcare-associated entity embedded tracking pixels onto its website sharing private information with third-party websites. Though the company says it acted under the direction of a federal officer, at least two other circuits have found a hospital does not act under the direction of the federal government when maintaining an online patient portal utilizing tracking pixels. The federal relationship is weak, and the company cannot show that it acted pursuant to a federal officer’s directions for purposes of federal officer removal. Affirmed.
Court: 5th Circuit, Judge: Jolly , Filed On: May 13, 2024, Case #: 23-30522, Categories: health Care, privacy, Jurisdiction
J. Geraci finds that some claims can proceed in a class action that alleges the healthcare facility failed to properly protect patient information and disclosed it to others on Facebook. It is plausible that the information transmitted when a patient scheduled an appointment could be used to identify an individual, that the company intentionally incorporated the web program into its servers, and that the company had a duty to protect the data.
Court: USDC Western District of New York, Judge: Geraci, Filed On: March 19, 2024, Case #: 6:23cv6027, NOS: Other Contract - Contract, Categories: health Care, privacy, Technology
J. Daniel partially grants a nonprofit health care services organization’s motion to dismiss negligence, breach of contract and fraud claims brought by two of the nonprofit’s former patients. The patients brought the claims in response to a 2022 data breach of the nonprofit’s patient database that exposed their personal info to unknown individuals. Of all the claims, the court finds that only the patients’ negligence claim is sufficiently alleged to survive dismissal.
Court: USDC Northern District of Illinois, Judge: Daniel, Filed On: January 17, 2024, Case #: 1:23cv1108, NOS: Other Personal Injury - Torts - Personal Injury, Categories: health Care, Negligence, privacy
J. Smith finds a lower court properly dismissed a class of patients' medical privacy claims against a health system. The class of patients argued that the health system provided their personal information on Google and Facebook, in order to obtain incentive payments and targeted ads. However, the health system presented sufficient evidence that the information uploaded in its portal was "depersonalized" metadata, and that the online patient portal is not a "basic governmental task," which triggers a remand to State court. Affirmed.
Court: 8th Circuit, Judge: Smith, Filed On: December 28, 2023, Case #: 23-1107, Categories: health Care, privacy, Class Action
J. Lake dismisses a putative class action against a nonprofit healthcare organization on claims arising from a data breach, during which 83,000 of its patients' personal and medical information was accessed. The nonprofit did not waive its governmental immunity under Texas law.
Court: USDC Southern District of Texas, Judge: Lake, Filed On: December 13, 2023, Case #: 4:23cv3448, NOS: Other Contract - Contract, Categories: health Care, Immunity, privacy
J. Thissen partially affirms the district court's dismissal of a case brought by patients seeking disclosure of their medical records. Individuals may bring a private right of action under the private attorney general statute, but not under the Minnesota Health Care Bill of Rights. Affirmed in part.
Court: Minnesota Supreme Court, Judge: Thissen, Filed On: December 6, 2023, Case #: A21-1518, Categories: health Care, privacy
J. Neville finds that the appeals court improperly reversed the circuit court, which dismissed a complaint against a law firm alleging it violated the Mental Health and Developmental Disabilities Confidentiality Act by issuing a press release describing its client's suicide attempt and resulting injuries after winning a $4.2 million judgment. The Act does not protect confidential information that was voluntarily revealed in a public trial. Reversed.
Court: Illinois Supreme Court, Judge: Neville, Filed On: November 30, 2023, Case #: 129097, Categories: health Care, Public Record, privacy