Ransomware attacks can cost healthcare systems in terms of the time and effort to prevent and respond to the event, but in the event of one recent attack, the costs are moving into other areas.
Class-action lawsuits are piling up around the ransomware breach that impacted Scripps Health facilities and patients in May, according to the San Diego Union-Tribune. Two such cases were filed in federal court recently, joining two already on the books in state court from early June.
All the lawsuits reference the same set of basic facts, noting that Scripps began sending letters to more than 147,000 of its customers on June 1, warning them that their personal information may have been compromised during the attack that kept electronic systems down for nearly a month.
All make essentially the same basic claim: Scripps failed in its duty to protect patient information, subjecting patients to potential fallout from identity theft to medical fraud.
Scripps declined to discuss the suits because they are pending.
San Diego County’s second-largest health care system has said that only a small number of those whose records were at risk — nearly 3,700 — have had their Social Security and/or driver’s license numbers compromised.
Case Study: How NYU Langone Rebuilt for Resilience After Superstorm Sandy
Frederick Health Hospital Faces 5 Lawsuits Following Ransomware Attack
Arkansas Methodist Medical Center and Baptist Memorial Health Care to Merge
Ground Broken on Intermountain Saratoga Springs Multi-Specialty Clinic
Electrical Fire Tests Resilience of Massachusetts Hospital