"Legal action was taken against Oak Valley Hospital following a security incident last year that involved unauthorized access to patient data. The breach was detected on July 18, 2023; however, hackers first gained access to its network three months previously on April 21, 2023. Information potentially stolen included names, Social Security numbers, health insurance information, and information about the care provided at the hospital. According to the breach notice sent to the HHS’ Office for Civil Rights, 284,629 individuals were affected.
A lawsuit was filed by patient Kathryn Rohrer – Rohrer, et al. v. Oak Valley Hospital District d/b/a Oak Valley Hospital – over the data breach that alleged a failure to implement reasonable and appropriate cybersecurity measures. As a result of the data breach, the plaintiff and class members alleged they faced an increased risk of identity theft and fraud.
The lawsuit asserted claims of negligence, breach of implied contract, breach of fiduciary duty, invasion of privacy, unjust enrichment, declaratory judgment, and violations of California Unfair Competition Law, the California Customer Records Act, the California Consumer Privacy Act, and the California Confidentiality of Medical Information Act.
Oak Valley Hospital chose to settle the lawsuit with no admission of wrongdoing. Under the terms of the settlement, class members are entitled to claim up to $5,000 for documented out-of-pocket expenses, including up to 3 hours of lost time at $30 per hour, plus a residual cash payment of $100, which may increase or decrease depending on the number of claims and the available funds. Oak Valley Hospital also agreed to invest in additional security measures.
The settlement has already received preliminary approval from the court and the claims deadline is November 19, 2024. The final approval hearing is scheduled for December 19, 2024."
https://www.hipaajournal.com/oak-valley-hospital-pacific-cataract-laser-institute-data-breach-settlements/
"Legal action was taken against Oak Valley Hospital following a security incident last year that involved unauthorized access to patient data. The breach was detected on July 18, 2023; however, hackers first gained access to its network three months previously on April 21, 2023. Information potentially stolen included names, Social Security numbers, health insurance information, and information about the care provided at the hospital. According to the breach notice sent to the HHS’ Office for Civil Rights, 284,629 individuals were affected.
A lawsuit was filed by patient Kathryn Rohrer – Rohrer, et al. v. Oak Valley Hospital District d/b/a Oak Valley Hospital – over the data breach that alleged a failure to implement reasonable and appropriate cybersecurity measures. As a result of the data breach, the plaintiff and class members alleged they faced an increased risk of identity theft and fraud.
The lawsuit asserted claims of negligence, breach of implied contract, breach of fiduciary duty, invasion of privacy, unjust enrichment, declaratory judgment, and violations of California Unfair Competition Law, the California Customer Records Act, the California Consumer Privacy Act, and the California Confidentiality of Medical Information Act.
Oak Valley Hospital chose to settle the lawsuit with no admission of wrongdoing. Under the terms of the settlement, class members are entitled to claim up to $5,000 for documented out-of-pocket expenses, including up to 3 hours of lost time at $30 per hour, plus a residual cash payment of $100, which may increase or decrease depending on the number of claims and the available funds. Oak Valley Hospital also agreed to invest in additional security measures.
The settlement has already received preliminary approval from the court and the claims deadline is November 19, 2024. The final approval hearing is scheduled for December 19, 2024."