25% off all training courses Offer ends May 29, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 29, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Quest Diagnostics $195,000 Class Action Settlement Approved by Federal Judge

Posted By on Oct 30, 2019

Following a November 2016 cyberattack at Quest Diagnostics that resulted in an unauthorized individual accessing and stealing the personal information and medical test results of 34,000 individuals, a class action lawsuit was filed by the breach victims. Quest Diagnostics proposed a $195,000 settlement to resolve the case. The settlement has recently been approved by a New Jersey district court judge.

The types of information obtained by the hacker included names, phone numbers, dates of birth, and the results of medical tests, including HIV test results.

The lawsuit alleged Quest Diagnostics had violated New Jersey laws and had been negligent for failing to safeguard the sensitive health information of its clients, Quest Diagnostics had breached its contract with clients, and that the company failed to provide timely notifications to patients informing them about the hacking incident and theft of their data.

Quest Diagnostics maintains the claims are meritless, but the decision was taken to settle the lawsuit to avoid ongoing litigation and further legal costs. Under the terms of the settlement, all individuals who can demonstrate they have suffered monetary losses as a direct result of the breach will be entitled to claim $250. The payment is intended to compensate individuals for having to take action to secure their accounts and pay for credit monitoring and identity theft protection services.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Any individual whose HIV test results were included in the stolen data will be entitled to claim $75, in addition in the $250 if they have also suffered monetary losses.

Quest Diagnostics has also been named as a co-defendant in several lawsuits filed by victims of the data breach at American Medical Collection Agency (AMCA) earlier this year. The hacking of the AMCA payment portal enabled the attacker to steal the protected health information of more than 26 million individuals, 11,500,000 of whom had received medical tests at Quest Diagnostics and their PHI had been passed to AMCA for collection.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist