HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

MDLive Privacy Lawsuit Voluntarily Dismissed

The MDLive privacy lawsuit filed by law firm Edelson PC on behalf of plaintiff Joan Richards over alleged privacy violations has been voluntarily dropped without any settlement paid.

The lawsuit was filed after following an alleged discovery that screenshots were repeatedly taken by MDLive and were passed to third-party Israeli firm Test Fairy. Test Fairy had been contracted to perform quality control checks and debugging services. However, the plaintiff alleged that the sending of screenshots, which contained sensitive information entered by users of MDLive, was a violation of patient privacy.

Following the filing of the lawsuit on April 18, 2017, MDLive published a fact sheet explaining its relationship with the Israeli firm, stating the allegations were false, that there had not been a data breach and no HIPAA Rules had been violated.

MDLive also said in the fact sheet that no data had been shared with unauthorized third parties. Some data had been disclosed to authorized third parties, although those firms were bound by contractual obligations and had agreed only to use data for the specific purposes for which the information was disclosed.

Get The Checklist

Free and Immediate Download
of HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

MDLive pointed out that the use of the Test Fairy tool was consistent with its disclosed privacy policy and said Test Fairy did not have access to patient data from patient-physician consultations. MDLive also said all members are advised in its privacy policy that personal information may be disclosed to its contracted third parties to support its business.

A recent press release issued by MDLive has confirmed the lawsuit has been dismissed “in response to arguments by MDLive that the suit lacked any legal or factual basis.” MDLive filed a motion to dismiss the lawsuit and the plaintiff responded with a notice of non-opposition, but requested additional time to file an amended complaint. However, as the deadline for filing the complaint approached, the plaintiff made the decision to dismiss the entire lawsuit.

In the press release, MDLive said all claims in the lawsuit have been voluntarily dismissed with prejudice by the plaintiff. There was no payment of any settlement or other consideration by MDLive or its management in connection with the lawsuit.

MDLive CEO Scott Decker said, “Privacy and patient confidentiality are at the heart of everything we do, and MDLIVE will continue to rigorously review and evolve our technology and processes to safeguard member information and build trust in the telehealth industry.” Decker welcomed the dismissal of the lawsuit, saying, “We are thrilled this lawsuit was appropriately dismissed as we continue pursuing MDLIVE’s goal of enabling 24/7/365 access to affordable virtual healthcare for consumers, employers, health plans and health systems across the US.”

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.