[ Wednesday, August 23, 2017 ]


Cybersecurity Class Action Update: One interesting aspect of data breaches (whether HIPAA-related or not) is the potential for lawsuits from affected parties.  Most times, injured individuals can't show monetary damages from a HIPAA breach, and that particularly true in non-HIPAA breaches such as the Target or Home Depot data breaches, where any credit card fraud was covered by the credit card companies.  (There are exceptions, of course, such as where a HIPAA breach causes harm that can be proven).  But the quest to show that the fear of future ID theft or other harm constitutes actionable damages is the holy grail of class action lawyers, looking to turn the millions of victims (each suffering only minor damages) into a single class so that they can collect on multiplied damages.

So far, it's been tough sledding: most courts deny that there are damages just because you're afraid someone might use your information in the future.  That has been recently upheld in this ScottTrade case.  Some day, a court will allow these damages to constitute sufficient grounds for a class action lawsuit, but not yet.

Jeff [6:17 PM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template