« Information Technology
  

Sunflower Medical Group Facing Lawsuit Following January Data Breach

The lawsuit seeks a jury trial, damages, expanded credit monitoring services and security improvements at Sunflower Medical Group.

By Jeff Wardon, Jr., Assistant Editor


Sunflower Medical Group is facing a class action lawsuit following a data breach that exposed the protected health information of nearly 221,000 current and former patients, The HIPAA Journal reports. The breach occurred on December 15, 2024, but was not discovered until January 7, 2025. The compromised data includes names, addresses, Social Security numbers, medical records and health insurance details. 

The lawsuit alleges that Sunflower Medical Group failed to implement adequate security measures, did not follow FTC guidelines or HIPAA requirements and delayed notifying victims. 

Plaintiffs claim they face ongoing risks of identity theft, financial losses and lost time dealing with the fallout, according to The HIPAA Journal. The lawsuit seeks a jury trial, damages, expanded credit monitoring services and security improvements at Sunflower Medical Group. 

Sunflower Medical Group joins a growing list of healthcare organizations facing lawsuits over cyberattacks and data breaches. Other organizations such as Dameron Hospital Association and PIH Health have either settled their case or are currently undergoing litigation.  

Legal costs are but one price healthcare facilities and organizations may have to pay in the fallout of a cyber incident. Another cost is the damage done to an organization’s reputation, as they are trusted with all this sensitive information and then it winds up getting compromised.  

Take the case of Change Healthcare, where multifactor authentication (MFA) hadn’t been applied to a remote desktop access portal, allowing hackers to use compromised credentials to access their systems.  While a provider of revenue and payment cycle management for healthcare, the cyberattack they suffered rippled throughout the industry. 

“Given the hampered caregiving and operability due to the [Change Healthcare] breach, people’s opinions and trust will eventually decay to a point that is unfavorable for healthcare organizations and their facilities,” Errol Weiss, chief security officer at Health-ISAC, previously told Healthcare Facilities Today

Jeff Wardon, Jr., is the assistant editor of the facilities market.



March 31, 2025


Topic Area: Information Technology , Security

Recent Posts

The Hidden Risks of QAC Disinfectants in Healthcare Facilities

Quaternary ammonium compounds are a popular disinfectant choice, but they may be causing more harm than good. A review outlines the problems with QACs and offers a solution.

Sprinkler Compliance: Navigating Code Mandates, Renovation Triggers and Patient Safety

As CMS deadlines approach and renovation projects accelerate, healthcare facility managers must understand how NFPA 101, state fire codes and sprinkler design strategies intersect.

Baptist Health Acquires South Arkansas Regional Hospital

Now operating as Baptist Health Medical Center-El Dorado, the 151-bed facility is the 13th hospital in the Baptist Health system.

Wider View: Planning LED Upgrades Across a Healthcare Portfolio

Upgrade planning has to start with a systemwide, portfolio approach rather than a site-by-site mindset.

Cone Health Plans Hospital in Forsyth County of North Carolina

The 198,593 square-foot facility will be in southeast Forsyth County.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.