Share this article on:
Roper St Francis Healthcare is facing a class action lawsuit over an October 2020 data breach in which patient data was allegedly stolen. The lawsuit alleges negligence for the failure to protect the private data of its patients.
Between October 14 and 29, 2020, unauthorized individuals gained access to the email accounts of three of its employees. Those accounts contained the protected health information of around 190,000 patients. PHI in the compromised email accounts included financial and medical information.
This was far from the only data breach to have affected Roper St. Francis Healthcare in the past 18 months. Prior to the October 2020 phishing attack, Roper St. Francis reported two data breaches in September, one of which was a phishing attack that affected 6,000 individuals and the other was a ransomware attack on its vendor Blackbaud, which affected around 92,963 Roper St. Francis patients. Prior to those breaches, a breach was reported on January 29, 2010 as affecting 35,253 individuals.
According to the lawsuit, “At all relevant times, Roper knew the data it stored was vulnerable to cyberattack based upon these repeated and ongoing data breaches.”
The lawsuit, which was filed by The Richter Firm, The Solomon Law Group, Slotchiver & Slotchiver, LLC and Brent Souther Halversen, LLC, seeks economic and non-economic damages for the plaintiff and class members, compensatory, consequential, and actual damages, statutory and injunctive relief, punitive damages, and reimbursement for interest, costs, and reasonable attorneys’ fees.
“We merely seek to hold Roper accountable for its continued negligent actions in allowing these preventable data breaches from happening and to compensate current and former patients for the harm inflicted,” said Attorney Brent Halversen. “We seek to provide all patients whose private data was compromised credit monitoring services as partial compensation for the harm each has suffered, not just the hand full that Roper thinks are the worst cases.”