In a recent hacking incident, UCLA Health System neglected to properly secure records and notify up to 4.5 million patients in a timely manner. UCLA received criticism earlier this year after refusing to encrypt patient data when Anthem Inc. was hacked, and hackers gained access to highly personal information such as names, dates of birth, Social Security numbers, health plan identification numbers, and medical information including patient procedures and diagnoses. The lawsuit, filed on behalf of Los Angeles resident, Miguel Ortiz, is seeking class action status for all current and former patients of UCLA Health System. It states that patients were not alerted quickly enough, and that UCLA violated multiple consumer and privacy protection laws. Suspicious activity was noticed on computer servers as early as October 2014, but the public was not made aware of the breach until July 17, even though it was confirmed in early May.
This hacking incident comes after the massive Anthem Inc. hack which affected 80 million people, and is raising awareness all across the country of our ability to protect the vast stockpiles of information hospitals, health insurers, and other medical providers have been collecting. The fact that UCLA did not take action in a time where cybercriminals are specifically targeting big players in healthcare is alarming itself. “These breaches will keep happening because the healthcare industry has built so many systems with thousands of weak links,” said founder of Patient Privacy Rights, Dr. Deborah Peel.
UCLA says there is no evidence yet that any information was taken, but they are working with the FBI and computer forensic experts to secure its network. “We take this attack on our systems extremely seriously,” stated Dr. James Atkinson, interim president of the UCLA Hospital System. “For patients that entrust us with their care, their privacy is our highest priority. We deeply regret that this happened.” The health system claimed that it had been spending tens of millions of dollars prior to the attack to strengthen computer security, yet experts were mostly unimpressed due to the lack of encryption used.
If you feel your privacy rights have been violated due to negligence of the administrators behind the UCLA data breach, the lawyers at Hodes Milman Liebeck are here to help you. Contact us today online at hmlm.com or call (949) 640-8222 for a complimentary case evaluation.