BeckerHospitalReview just posted a new wrinkle in the battle against ransomware: "Four patients filed a class action lawsuit against Tuscaloosa, Ala.-based DCH Health System, alleging privacy violations and medical care disruption after an October ransomware attack.
Five things to know:
1. The patients filed the lawsuit on Dec. 23, according to the Tuscaloosa Real-Time News. The patients report forgoing medical treatment during the 10-day period that the system’s three hospitals shut down services for non-critical patients due to a ransomware attack. Patients were also unable to access their medical information during the downtime.
2. One of the plaintiffs reported the inability to access prescribed medications after surgery due to the ransomware attack. Another plaintiff said she was unable to obtain medical care for a severe allergic reaction her daughter had during the ransomware attack, and she was directed to seek care elsewhere, which delayed recovery.
3. The lawsuit also alleges DCH violated HIPAA because the ransomware attackers gained access to medical records and billing information.
4. The plaintiffs did not list a specific dollar amount for damages in the lawsuit, according to the report.
5. DCH Health System has not responded to a request for comment on this lawsuit.
Laura Dyrda posted the story.