Court dismisses UCLA breach lawsuit

Laura Pedulli | | Health Exec | Cybersecurity

A California appellate court threw out a class-action lawsuit against the University of California over a breach that exposed personal information of more than 16,000 patients at the University of California-Los Angeles Health System, according to an Oct. 16 article published in Metropolitan News-Enterprise.

The court ruled that the healthcare provider is not liable for statutory damages for the breach unless the data are actually used by an unauthorized person, according to the article.

The breach, which took place in November 2001, occurred when an external hard drive was stolen from the home of a former university physician. Although the data were encrypted, an index card containing password information was stolen with the computer.

The California Hospital Association, which filed an amicus brief in support of the University of California, lauded the decision. “The decision is good news for hospitals and other healthcare providers who are victims of theft or hacking of medical information where the plaintiff cannot prove that the thief or hacker actually viewed the medical information,” the association said in a statement.

Laura Pedulli

Related Content

Data breach at Oracle Health leads to extortion of hospitals
Change Healthcare files to have federal lawsuits dismissed
ISIS is not launching terrorist attacks against hospitals, FBI says
ChatGPT exploit could cause data breaches in healthcare, experts warn
Hospitals snail-mailed ransomware hoax; FBI investigation ongoing
Maryland insurer sues Change Healthcare for $900K

Around the web

Cardiovascular Business
ACC urges RFK Jr. to make Medicare reform a priority, warns against mass layoffs

The American College of Cardiology has sent a letter to HHS Secretary Robert F. Kennedy Jr. that outlines some of the organization’s central priorities and concerns. 

Radiology Business
FDA announces recall of Medtronic interventional radiology devices after 17 injuries, 4 deaths

One product is being pulled from the market, and the other is receiving updated instructions for use.

AI in Healthcare
What federal regulators can learn from the states about AI oversight

If the Trump administration continues taking a laissez-faire stance toward AI—including AI used in healthcare—why not let the states go it alone on regulating the technology?