REDLANDS, Calif., Aug. 11, 2015 /PRNewswire/ -- McCuneWright, LLP has filed a class action complaint against UCLA Health System, UCLA Medical Sciences, and The Regents of the University of California, for responsibility regarding compromised private data that may have affected as many as 4.5 million patients earlier this year.
Richard McCune, partner of the Inland Empire's premier complex litigation firm, McCuneWright, LLP, and a national spokesperson on legal issues concerning consumers, said, "UCLA had the responsibility to take the steps necessary to protect their patients' sensitive information and comply with HIPAA guidelines. It's not clear why a university of UCLA's size and notoriety would not do more to secure their patients' most private information."
The complaint was filed July 29 in Los Angeles County Superior Court on behalf of Miguel Ortiz and "all others similarly situated." It alleges that "personally identifiable information (PII) and other highly sensitive information was stolen," that the "Defendants knew that the information was a likely target for attack by cyber criminals" – given UCLA's own history of being hacked less than a decade ago and other highly publicized recent massive data breaches – and that, despite this fact, the defendants failed to take even basic protective steps such as data encryption.
According to UCLA, it is possible that these patients had their names, Social Security numbers, date of birth, health plan identification numbers, and specific financial and medical information compromised in the security breach of the Health System's computer network, which was announced to the public July 17.
UCLA admitted the hospital detected unusual activity on one of its computer servers as early as October 2014 and, with the FBI, began its investigation then. On May 5, according to UCLA, investigators determined that hackers had accessed parts of the network holding patient information. The complaint notes that patients were not notified in timely fashion after discovery of the breach, and that the Defendants' acts and omissions violate the Customer Records Act, Confidentiality of Medical Information Act, and invasion of privacy.
Richard McCune is available to talk with reporters about the case and how it could affect not just the 4.5 million patients directly involved but privacy issues and the behavior of corporations and health organizations going forward.
McCuneWright, LLP has long been involved in advocating on behalf of Southern California consumers and holding large organizations accountable for their products and business practices. The firm is involved in a number of lawsuits dealing with privacy issues, including filing a lawsuit against Intuit, Inc., after cybercriminals breached security in its TurboTax software product.
Additional information regarding the UCLA case, including a copy of the class action complaint, is available at www.mccunewright.com.
CONTACT: Jack Boren
SOURCE McCuneWright, LLP