A California appellate court recently dismissed a class-action lawsuit against the University of California over a data breach that exposed the personal information of more than 16,000 patients of the UCLA Health System, according to an article on the California Healthline website.
The October 15 ruling states that health care providers are not necessarily liable when medical data are stolen or misappropriated unless the information is accessed by a third party.
In September 2011, an external hard drive containing personal information of 16,288 UCLA patients was stolen from the home of a doctor working with the UCLA Faculty Group. The records dated from July 2007 through July 2011.
The patient information on the lost hard drive was encrypted, but a piece of paper that had the password to decode the data also went missing, according to the article.There was no proof that the data had been accessed by a third party
In a statement quoted in the article, the California Hospital Association called the ruling "good news for hospitals and other health care providers who are victims of theft or hacking of medical information where the plaintiff cannot prove that the thief or hacker actually viewed the medical information"
Read the article.
On the Lookout: The Software Supply Chain as a Healthcare Cyberattack Vector
Hackensack Meridian Health & Wellness Center at Clifton Opens
Suffolk Breaks Ground on Expansion of White Plains Hospital
EVS Leadership Culture Critical in Preventing Hospital-Acquired Sepsis
Man Dies by Suicide in Emergency Department Waiting Room at Kansas Hospital