Getty Images
IL Hospital Reaches $380K Settlement to Resolve Lawsuit Over Healthcare Data Breach
The healthcare data breach stemmed from an incident in which billing statements containing PHI were sent to the wrong patients.
Dixon, Illinois-based Katherine Shaw Bethea (KSB) Hospital reached a proposed settlement of $380,000 to resolve a class action lawsuit filed in the aftermath of a September 2021 healthcare data breach that stemmed from a vendor software error.
In late September 2021, KSB and Magnet Solutions, KSB’s third-party billing vendor, discovered that a software error resulted in incorrect patient information being mailed to patients between September 17 and September 20. According to the Office for Civil Rights (OCR) data breach portal, the breach impacted approximately 1,500 individuals.
The incorrect statements contained patient names, dates and locations of services, treating physician, encounter numbers, and billing history.
A subsequent lawsuit alleged that KSB breached its “duty to preserve the confidential and protected patient information of Plaintiff and Class members,” resulting in the breach.
“Plaintiff and Class members suffered and continue to suffer emotional harm, anxiety, embarrassment, and financial harm due to the unauthorized, unlawful, improper and unconsented release of their respective protected patient records,” the compliant stated.
KSB denied all allegations but agreed to a $380,000 settlement to resolve the lawsuit. Class members are eligible to receive payments up to $250 each.
Katherine Shaw Bethea Hospital is the latest healthcare organization to reach a settlement following a data breach. Logan Health Medical Center in Kalispell, Montana recently reached a $4.3 million settlement to resolve a class action lawsuit stemming from a Fall 2021 breach.
In addition, Scripps Health resolved a lawsuit by agreeing to a $3.5 million settlement following a 2021 ransomware attack that impacted 1.2 million individuals.