East River Medical Imaging $1.85 Million Settlement Due to Receive Final Approval
A $1.85 million settlement to resolve a class action data breach lawsuit against the New York radiology group, East River Medical Imaging, is due to receive final approval on October 22, 2024. Individuals affected by the breach have until October 22, 2024, 2:30 PM EDT to submit a claim.
A security breach was detected by East River Medical Imaging on September 20, 2023. A hacker was determined to have accessed its systems from August 31, 2023, to September 20, 2023, and during that time files were copied from its network. Patient and employee information was compromised including names, contact information, insurance information, exam and/or procedure information, referring physician names, imaging results, financial account information, driver’s license numbers, and Social Security numbers. Notification letters were sent to the affected individuals starting November 22, 2023, and the breach was reported to the HHS’ Office for Civil Rights on November 22, 2024, as affecting 605,809 individuals.
The first lawsuit over the data breach was filed by the law firm Shub & Johns (S&J) on December 5, 2023, in the Supreme Court of New York for New York County. Several other lawsuits were filed over the data breach, and on March 26, 2024, the lawsuits were consolidated into a single complaint – Guarnaschelli et al. v. East River Medical Imaging, P.C. S&J partner Benjamin F. Johns and Jean Martin of Morgan & Morgan were appointed as co-lead plaintiffs’ counsel.
The lawsuit alleged that East River Medical Imaging failed to implement reasonable and appropriate security measures to protect patient information. The plaintiffs argued that the data breach would have been prevented if those security measures had been implemented. In April 2024, Johns and Martin filed an unopposed motion for preliminary approval of a class action settlement, and on April 16, 2024, the settlement was granted preliminary approval with final approval expected on October 22, 2024. East River Medical Imaging denied any wrongdoing.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Under the terms of the settlement, class members may submit a claim up to a maximum of $7,500 for documented losses reasonably attributable to the data breach, including bank costs, professional services, communication charges, credit costs, and other losses, including identity theft and fraud. A cash payment can be claimed in lieu of a claim for documented losses, which will be paid pro rata from the settlement fund after attorneys’ fees, legal expenses, and claims have been paid. Irrespective of whether a claim is submitted, all class members will be entitled to receive three-bureau credit monitoring and identity theft services for 12 months at no cost. Claims can be submitted via the settlement website.
The deadline for objection and exclusion has now passed, and the deadline for submitting a claim is fast approaching. According to Johns, around 20,000 individuals affected by the data breach have submitted a claim for a share of the settlement.
