The data breach, first reported by UC San Diego Health on April 8, 2021, allowed hackers to access and exfiltrate information stored on UC San Diego Health’s servers including patients’ full names, addresses, birthdates, email addresses, dates and costs of health care services, laboratory results, social security numbers, credit card information, and more. By failing to properly protect its data, UC San Diego Health has subjected its patients to potential identity theft and financial fraud now and into the future.
“It is a healthcare provider’s responsibility to safeguard the personal data of its patients,” said attorney Jason Hartley, Founder of Hartley LLP. “Patients should trust that their most private medical results will not be made public, and that their medical visits will not leave them at risk for identity theft. This breach was preventable, had UC San Diego Health had the right data protection protocols in place.”
The data breach is a violation of UC San Diego Health’s responsibility to comply with the privacy and security rules related to the Health Insurance Portability and Accountability Act of 1996, commonly known as “HIPAA.” HIPAA prohibits unauthorized disclosure of protected health information and requires that healthcare providers protect this information.
About Hartley LLP
Hartley LLP represents commercial plaintiffs on a contingency basis and victims of anticompetitive conduct like price fixing agreements, unfair competition, tying agreements and monopolization. Its attorneys have worked to recover hundreds of millions of dollars in damages for its clients. For more information about our practice, visit https://hartleyllp.com/results/.