Plaintiff sues healthcare group for compromising health information in data breach

A lawsuit was filed Thursday in the District of Massachusetts by Plaintiff William Biscan (both individually and on behalf of all others similarly situated) against Defendant Shields Health Care Group Inc. The class action lawsuit alleges that the defendant acted negligently in handling plaintiff’s privacy. health information, leading to a data breach and subsequent information compromise.

The defendant suffered a cyberattack on his medical facilities in March 2022. The attack resulted in the exposure of the personal information and highly sensitive medical records of nearly 2 million people.

The complaint explains that the private and personal information of the plaintiff and class members was compromised, illegally accessed and stolen as a result of the data breach. Some of the confidential information compromised included social security numbers, insurance information, medical record numbers, and other information that falls under HIPAA’s definition of protected health information.

Biscan alleges that the defendant failed to adequately protect the private information and did not notify it of the data breach in a timely manner despite the duty to the plaintiff to “implement and maintain reasonable security measures and adequate to secure, protect and safeguard their private information from unauthorized access and disclosure.

Because defendants allegedly maintained plaintiff’s private information in a negligent and reckless manner, Biscan argues that the data breach was a known and foreseeable risk to defendant. Although the defendant supposedly knew of the risk, Biscan claims the defendant failed to take the necessary steps to protect the private information, leaving it in a “dangerous and vulnerable state.”

The complaint notes that as a result of the data breach, class members and the plaintiff are at heightened and imminent risk of fraud and identity theft. Biscan concludes that he and the class “will continue to incur fees for the purchase of credit monitoring services, credit freezes, credit reports and other safeguards to deter and detect theft of identify”.

The complaint cites negligence, express breach of contract, implied breach of contract, invasion of privacy by intrusion, breach of fiduciary duty, breach of trust, violation of the general laws of Massachusetts, unjust enrichment. Biscan seeks class certification, an injunction preventing further wrongful conduct and requiring the defendant to use appropriate security measures, monetary relief, actual and punitive damages, court costs, pre- and post-judgment interest and all other remedy deemed appropriate by the Court. .

Plaintiff is represented by Sweeney Merrigan Law LLP, Keller Postman LLC and Finkelstein, Blankinship, Frei-Pearson & Garber LLP.

Comments are closed.