Patient Privacy Court Case: March 2023

On Dec. 6, the U.S. District Court for the Middle District of Tennessee granted preliminary approval of a proposed settlement agreement that requires Advent Health Partners, a HIPAA business associate that provides revenue cycle management services to covered entities, to compensate class members and implement data security enhancements to resolve a class action dispute arising from a data breach.[1]

The lawsuit arises from a hacking incident that occurred in September 2021, affecting a reported 61,072 individuals.[2] The threat actors hacked Advent Health Partners’ employees’ email accounts, which resulted in the exposure of patient names, Social Security numbers, drivers’ license information, dates of birth, health insurance information, medical treatment information, and financial account information.

This document is only available to subscribers. Please log in or purchase access.

Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field