[BreachExchange] Penn. court dismisses healthcare breach class-action lawsuit

[Audrey McNeil]

http://www.beckershospitalreview.com/healthcare-information-technology/penn-court-dismisses-healthcare-breach-class-action-lawsuit.html

An appeals court in Pennsylvania upheld a decision that found a health plan
was not in violation of state consumer protection laws after a data breach,
reports Law360.

Plaintiff Avrum Baum filed a class-action lawsuit against Keystone Mercy
Health Plan and AmeriHealth Mercy Health Plan after Keystone officials
reported a missing flash drive in September 2010. The flash drive contained
protected health information, including personal identification umbers,
Social Security numbers, health information and financial information of
286,000 members, one of which was allegedly Mr. Baum's daughter.

Mr. Baum filed the lawsuit in December 2010 claiming the health plans
violated the privacy rights of the members and that they inaccurately said
personal information was secure.

In July 2013, a trial judge denied classifying the lawsuit as a class
action, saying the complaint did not rely on any deceptive conduct by the
health plan, according to the report.

Now, the appeals court reaffirmed the trial judge's decision and said there
is no demonstrated link between Mr. Baum's daughter with the information on
the lost flash drive, so Mr. Baum could not represent potential class
members, according to the report.

"It represents a strong stand by a Pennsylvania appellate court that an
individual who cannot demonstrate actual harm is unable to represent a
class, and that the idea of hypothetical harm is not sufficient grounds on
which to sustain a class action certification," said Stuart Gerson, an
attorney representing the payers, in the report.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160503/01df58b4/attachment.html>