UCLA Health Facing Data Breach Class Action lawsuit

Were you looking for UCLA Data Breach Lawsuit lawsuits?
- by

Los Angeles, CA: UCLA Health System Auxiliary is facing a data breach class action over allegations it failed to provide security measures capable of preventing a recently reported data breach. According to the California health care provider, they experienced a data breach that potentially exposed 4.5 million patients' personal medical information to hackers.

Filed on behalf of plaintiff Michael Allen, the lawsuit contends that the breach was the direct result of the hospital network' failure to take the "basic steps"necessary to safeguard patient information. Further, Allen claims that by allowing the hack to occur, UCLA Health broke a contractual promise to its clients.

"Due to defendants' failure to take the basic steps of encrypting patients' data, it was much easier for cyber thieves to interpret the information, use it to steal the identities of defendants' patients, or sell to others who would use defendants' patients' personal and health information,"the complaint states.

Allen alleges he made multiple visits to a UCLA Health center starting in February 2013, all requiring him to provide his personal information. Due to the sensitive nature of the now-compromised information, Allen claims he is at risk for identity theft, the result of which can take years to deal with. The information that was compromised includes social security numbers, names, Medicare numbers, addresses and more.

Additionally, the complaint criticizes UCLA Health for not revealing the UCLA data breach sooner, noting that it had begun investigating a possible breach in October but didn't disclose the attack until about nine months later.

The lawsuit contends that in light of a recent trend involving hackers targeting "big players"in the health care industry, as well as scrutiny by security experts and patient advocates, UCLA should have been better prepared.

"Defendants knew or should have known of the risks inherent in maintaining their customers' nonpublic personal and health information, and if such information was stolen, it would have dire consequences for those customers,"Allen states.

While UCLA Health has maintained that it is unable to confirm if any information was actually stolen, an investigation conducted with the aid of the FBI revealed that the hackers may have accessed parts of servers that contain patient information.

According to a statement by UCLA, the cyber attack likely occurred in September 2014. UCLA consists of four hospitals and numerous primary- and secondary-care facilities in the Los Angeles area.

Allen accused UCLA Health and the university' board of regents of fraud, invasion of privacy, breach of contract, negligence and violating California laws, including the Confidentiality of Medical Information Act (CMIA). Every violation of the CMIA entitles individual class members to $1,000 in statutory damages plus an additional $3,000 in punitive damages, according to Allen, who is also seeking another $1,000 per violation of California's Business & Professions Code.

Allen is represented by Kevin Mahoney of Mahoney Law Group APC and Briana M. Kim of Briana Kim PC. The case is Allen v. UCLA Health Systems Auxiliary et al, case no. 2:15-cv-05487 in the U.S. District Court for the Central District of California.

UCLA Health Data Breach Class Action lawsuit Legal Help

If you or a loved one has suffered similar damages or injuries, please fill in our form on the right and your complaint will be sent to an internet/technology lawyer who may evaluate your claim at no cost or obligation.

Reader Comments

Posted by

I'm the victim of identity theft recently- my personal information is part of this data breach. Does UCLA offer help to those involved with the data breach?

Add Your Comment on This Issue

Please read our comment guidelines before posting.

Note: Your name will be published with your comment.

Your email will only be used if a response is needed.

Request Legal Help