Settlement Proposed to Resolve Gifted Healthcare Data Breach Lawsuit
Gifted Healthcare has proposed a settlement to resolve a class action lawsuit that alleged negligence for failing to implement reasonable cybersecurity measures, resulting in a data breach. The Metairie, LA-based nursing agency identified suspicious activity in an employee email account and the forensic investigation confirmed that three email accounts had been accessed by unauthorized individuals between August 25, 2021, and December 10, 2021. The review of the accounts was completed in July 2022 and confirmed that the personal information of 13,221 prospective, current, and former employees had been exposed, including names, Social Security numbers, and financial account information.
A class action lawsuit – Cheryl Covington V. Gifted Nurses LLC d/b/a Gifted Healthcare – was filed in response to the breach that alleged the plaintiff and class suffered injuries from the misuse of their data, including fraudulent attempts to open bank accounts, decreased credit scores, and out-of-pocket expenses spent on mitigation measures. The lawsuit also alleged the victims of the breach will forever face an amplified risk of further misuse, fraud, and identity theft. In addition to negligence, the lawsuit alleged negligence per se, breach of express/implied contractual duty, invasion of privacy, and unjust enrichment.
Gifted Healthcare has not admitted to any wrongdoing but chose to settle the lawsuit. The settlement has received preliminary approval from the court and resolves all claims made in the lawsuit. Class members can submit claims for up to $400 to cover documented, unreimbursed losses incurred as a result of the breach, such as communication charges and banking fees. Claims may also be submitted up to a maximum of $4,000 for extraordinary expenses, such as losses to fraud and identity theft, and all class members can receive three years of complimentary credit monitoring and identity theft protection services. Class members who do not want the credit monitoring services can instead claim a cash payment of $50. The deadline for objection to or exclusion from the settlement is May 20, 2024. Claims must be submitted by September 16, 2024, and the final approval hearing is scheduled for August 1, 2024.
The plaintiff and class were represented by attorneys from the law firms Gregory, Doyle, Calhoun & Rogers, LLC; Turke & Strauss, LLP; Cohen & Malad, LLP; and Branstetter, Stranch & Jennings, PLLC.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
