MedMark Services, Inc. failed to secure and protect patients’ personal information from a data breach discovered around November 2019, a proposed class action claims.
The plaintiff, a patient at one of the defendant’s addiction treatment centers, says he was informed by another patient around November 2019 that a counselor had disclosed that computer hackers accessed MedMark’s network housing patients’ personal medical information and were attempting to blackmail the defendant.
Per the complaint, although the data breach affected “hundreds, if not thousands” of current and former patients who received treatment at one of MedMark’s addiction treatment centers, the defendant has failed to notify affected patients or publicly acknowledge the breach.
The plaintiff alleges the breach was directly caused by the defendant’s negligence and failure to implement adequate security procedures and practices to protect patients’ personal medical information.
“DEFENDANT knew or should have known that its systems for processing and/or storing patients’ personal medical information were not secure and left the INFORMATION of PLAINTIFF and other members of the Class vulnerable to the release of private information,” the complaint charges.
According to the case, the information stored by MedMark is “extremely sensitive” in that any reasonable patient of an addiction rehabilitation facility would likely wish to keep their addiction and treatment history from being publicly disclosed.
The lawsuit, which has been removed from Contra Costa County Superior Court to California’s Northern District Court, looks to represent anyone in the U.S. who was a patient at one of the defendant’s treatment facilities prior to November 2019 and whose personal medical information was compromised in that month’s data breach.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.