Patient Privacy Court Case: February 2023

On Nov. 4, the U.S. District Court for the Eastern District of Michigan, Northern Division, granted preliminary approval of a settlement agreement for a class action law suit against Morley Companies, requiring the company to designate $4.3 million to compensate for damages related to a ransomware attack.[1] Morley Companies is a HIPAA business associate that provides business-process outsourcing services (e.g., customer help desk services, sales and marketing support, meeting planning) to HIPAA covered entities. The class-action lawsuit stems from a ransomware attack that occurred in August 2021, affecting a reported 521,046 individuals.[2] The protected health information affected included Social Security numbers, names, addresses, dates of birth, driver’s license numbers, client identification numbers, medical diagnostic and treatment information, and insurance information.

This document is only available to subscribers. Please log in or purchase access.
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field