Member Directory
Member Directory

Potential Data Breach Damage Sufficient for Medical Facility Suit

BMC wrote that patients medical records were "inadvertently made accessible to the public."

A Massachusetts Superior Court judge denied Boston Medical Center's request to dismiss the data breach case, ruling that the risk of potential injury was sufficient to move the case forward.

Former Boston Medical Center (BMC) patients filed suit against BMC, MDF Transcriptions, and its owner Richard J. Fagan, after a letter from the facility described a leak of medical records.

Members of the class alleged seven violations of law including an invasion of privacy, breach of fiduciary duty, and breach of confidentiality. Plaintiffs complaint stated, “what goes on the internet, stays on the internet.”

The former patients requested refunds for paid medical services from BMS as well as damages for the injury the exposure caused.

Was patient information misused?

BMC notified the plaintiff their medical records had been “inadvertently made accessible to the public through an independent medical record transcription service.” BMC also noted in the letter that they had “no reason to believe that [the release] led to misuse of any patient information.”

[sws_pullquote_right]See Also: SCOTUS Refuses to Hear Johnson & Johnson Appeal of $140M Motrin Case [/sws_pullquote_right]

The court noted that the plaintiffs were still unsure whether their information had been misused or if there was any further disclosure. However, the plaintiffs asked the court to issue an injunction to protect their information from any further exposure.

BMC requested the court to dismiss the claims mainly because the facility believed the plaintiff suffered no injuries, because the records were not accessed or misused by any unauthorized persons, and thus they lacked standing to bring their claim.

Quoting a recent state supreme court decision, Pugsley v. Police Department, “real and immediate” risk of injury can be enough to have standing to bring the claim. 472 Mass. 367 (2015).

Judge Edward Leibensperger in Boston believed at the early stages of case, the plaintiffs had presented enough facts to allow reasonable inferences that their information has been or could have been accessed during the time the data was breached. Additionally, the letter informing of the breach itself is sufficient to state a claim for relief.

This case is Walker and O’Rourke v. Boston Medical Center Corp, Case No. 2015-1733-BLS-1, Massachusetts Superior Court Business Litigation Session.

Thank you to Mintz Levin PC of Boston, MA for providing the opinion for accurate reporting of this story.

Find an Attorney

The National Trial Lawyers stands as an esteemed, exclusive association comprising top-tier trial attorneys nationwide. Whether you require a Civil Plaintiff Lawyer or a Criminal Defense Lawyer in your state, our network ensures access to premier legal expertise tailored to your needs.
Find Attorney

Read More Legal News

© Copyright 2022, All Rights Reserved | National Trial Lawyers
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram