Court dismisses UCLA breach lawsuit

A California appellate court threw out a class-action lawsuit against the University of California over a breach that exposed personal information of more than 16,000 patients at the University of California-Los Angeles Health System, according to an Oct. 16 article published in Metropolitan News-Enterprise.

The court ruled that the healthcare provider is not liable for statutory damages for the breach unless the data are actually used by an unauthorized person, according to the article.

The breach, which took place in November 2001, occurred when an external hard drive was stolen from the home of a former university physician. Although the data were encrypted, an index card containing password information was stolen with the computer.

The California Hospital Association, which filed an amicus brief in support of the University of California, lauded the decision. “The decision is good news for hospitals and other healthcare providers who are victims of theft or hacking of medical information where the plaintiff cannot prove that the thief or hacker actually viewed the medical information,” the association said in a statement.

Around the web

The American College of Cardiology has sent a letter to HHS Secretary Robert F. Kennedy Jr. that outlines some of the organization’s central priorities and concerns. 

One product is being pulled from the market, and the other is receiving updated instructions for use.

If the Trump administration continues taking a laissez-faire stance toward AI—including AI used in healthcare—why not let the states go it alone on regulating the technology?