A California appellate court recently dismissed a class-action lawsuit against the University of California over a data breach that exposed the personal information of more than 16,000 patients of the UCLA Health System, according to an article on the California Healthline website.
The October 15 ruling states that health care providers are not necessarily liable when medical data are stolen or misappropriated unless the information is accessed by a third party.
In September 2011, an external hard drive containing personal information of 16,288 UCLA patients was stolen from the home of a doctor working with the UCLA Faculty Group. The records dated from July 2007 through July 2011.
The patient information on the lost hard drive was encrypted, but a piece of paper that had the password to decode the data also went missing, according to the article.There was no proof that the data had been accessed by a third party
In a statement quoted in the article, the California Hospital Association called the ruling "good news for hospitals and other health care providers who are victims of theft or hacking of medical information where the plaintiff cannot prove that the thief or hacker actually viewed the medical information"
Read the article.
Must Know Recalls of 2025
Sustainability as a Baseline in Healthcare Facilities
Comanche County Memorial Hospital and Southwestern Medical Center Join to Form Partnership
Choosing a Disinfectant That Kills Biofilm
Third-Party Data Breach Case Underscores Need for Cyber Risk Management