Inmediata Health Group Data Breach and HIPAA Violations – Class Action Investigation
CSK&D is investigating a potential class action lawsuit following reports that San Juan-based Inmediata Health Group has reported an IT misconfiguration incident as an “unauthorized access/disclosure” breach exposing highly sensitive medical and personal information of as many as 1.56 million individuals. This breach, which has been listed on the Department of Health and Human Services breach reporting website, is the largest health data breach to date in 2019.
Specifically, Inmediata experienced a common and preventable data security mistake—namely a misconfigured IT setting. In Inmediata’s breach notification statement posted on its website, the company identified that it became aware in January 2019 “that some electronic health information was viewable online due to a webpage setting that permitted search engines to index internal webpages that are used for business operations.” Information potentially exposed in the incident may include patients’ names, addresses, dates of birth, gender, medical claim information, and Social Security numbers. The company has only offered credit and ID monitoring for a few hundred individuals impacted by the breach, leaving the remaining breach victims to fend for themselves against potential fraud.
If you believe you were impacted by the Inmediata Data Breach or received a notification regarding the breach, please contact the lawyers listed below.