Lawsuit Investigation: Did UCLA Health Unlawfully Share Your Data?
Last Updated on March 8, 2023
Important Information
Attorneys working with ClassAction.org are no longer investigating this matter. The information here is for reference only. A list of open investigations and lawsuits can be viewed here.
At A Glance
- This Alert Affects:
- Anyone who received notice in or around January 2023 that they may have been affected by a data privacy issue related to the use of analytics tools on UCLA Health’s website and mobile app.
- What’s Going On?
- Attorneys working with ClassAction.org are investigating whether a class action lawsuit can be filed over the issue. But first, they need to speak with UCLA Health patients who received notice that their information may have been shared.
- How Could a Lawsuit Help?
- A class action lawsuit, if filed and successful, could give consumers a chance to recover money for any unlawful sharing of their data. It could also force UCLA Health to take certain steps to help ensure information submitted online is kept private and confidential.
Attorneys working with ClassAction.org would like to speak to anyone who received a notice from UCLA Health in or around January 2023 regarding a data privacy issue.
On January 13, UCLA Health announced that certain information from appointment request forms completed on UCLAHealth.org and its related mobile app may have been captured and transmitted to third-party service providers. It has been reported that approximately 94,000 individuals received a notice outlining the problem, which may look something like this.
Now, it’s being investigated whether a class action lawsuit can be filed on behalf of patients who were affected by the data issue.
UCLA Health Data Notice: What Happened?
According to UCLA Health’s data notice, analytics tools on UCLA Health’s website and mobile app may have captured certain information from appointment request forms and shared this data with the companies providing the tools.
UCLA Health stated that it began using analytics tools from third-party service providers to better understand how the community interacts with its website and app and to improve user experience.
Upon learning of concerns regarding the use of analytics tools on healthcare providers’ websites, UCLA Health reportedly disabled them and launched an internal investigation into what data was collected and who it belonged to.
Those whose data may have been captured will reportedly receive notice of the issue, though UCLA Health admits that it may not have the contact information of everyone affected.
What Information Was Affected?
It has been reported that hashed consumer data including names, email addresses, mailing addresses, phone numbers and gender from the appointment request forms may have been shared. “Hashing” refers to the process of converting data into a string of numbers and digits for security purposes.
IP addresses and provider names and specialties may have also been captured and shared, though UCLA Health insists that information such as bank account numbers, credit card information and Social Security numbers is not affected.
The healthcare provider has also stated that the analytics tools were not used in the online patient portal.
How Could a Class Action Lawsuit Help?
If filed and successful, a class action lawsuit could provide compensation to those whose information was shared with third parties. It could also force UCLA to implement and maintain certain changes to its website and app to ensure patient information is being kept safe.
Before commenting, please review our comment policy.