American Vision Partners Faces Class Action Lawsuits Filed Due to Data Breach
Medical Management Resource Group LLC (MMRC), also called American Vision Partners, is facing multiple class action lawsuits because of a data breach reported at the beginning of February. MMRC identified a systems breach on November 14, 2023 and launched an investigation. The investigation confirmed that the protected health information (PHI) of 2,350,236 people was kept in the breached areas of its system. The people impacted by the data breach had their names, contact details, birth dates, medical data, clinical documents, Social Security numbers, and medical insurance data compromised. American Vision Partners sent notification letters to those people last month and they were provided free credit monitoring services.
From February 23 to February 28, patients whose PHI was compromised in the breach filed three class action lawsuits in the US District Court for the District of Arizona. The lawsuits assert negligence and allege that MMRC/American Vision Partners neglected to use reasonable and proper cybersecurity measures to safeguard the sensitive information kept on their systems and did not adhere to industry recommendations for cybersecurity despite knowing the high probability of cyberattacks on the healthcare industry.
The following lawsuits Daley v. Medical Management Resource Group LLC, Yaeger v. Medical Management Resource Group LLC, and Moudgal v. Medical Management Resource Group LLC have the same accusations and want a jury trial, class certification, and damages. The plaintiffs allege that they sustained injuries and expenses because of the data breach and are exposed to an impending and ongoing risk of identity theft and fraudulence as a direct effect of the data breach, not to mention HIPAA violation.
Atty Kenneth J. Grunfeld of Kopelowitz Ostrow Ferguson Weiselberg Gilbert and Atty Cristina Perez Hesano of Perez Law Group PLLC represent David Yaeger and the class. Attorneys Perez Hesano, Philip J. Krzeski, and Bryan L. Bleichner of Chestnut Cambronne represent Steven Daley and the class; Attorneys Terence R. Coates, Jonathan T. Deters, and Perez Hesano of Markovits, Stock and DeMarco LLC represent Pal and Lakshminarasimha Moudgal and the class.
Tennessee Orthopaedic Clinics Settles Class Action Data Breach Lawsuit
Tennessee Orthopaedic Clinics based in Knoxville, TN has decided to resolve a class action lawsuit associated with a March 2023 cyberattack and data security breach that affected 46,679 people. The exposed information included names, contact details, dates of birth, diagnosis and treatment data, provider names, dates of service, cost of services, prescription data, and/or health insurance details.
The impacted persons were alerted regarding the breach in early May, and immediately filed a class action lawsuit that stated Tennessee Orthopaedic Clinics was responsible for not implementing reasonable and appropriate cybersecurity procedures. Based on the lawsuit, it was possible to prevent the data breach if those steps were carried out. Tennessee Orthopaedic Clinics decided to settle the lawsuit without admitting any wrongdoing to avoid further legal expenses and the uncertainty of trial. Under the terms of the settlement, people who got a notification concerning the data breach may submit for regular expenditures like communication fees, credit fees, bank fees, and lost time (up to 3 hours at $20 an hour) up to a maximum of $1,500.
Claims of around $4,000 may likewise be filed for recorded extraordinary expenditures, for example, losses as a result of fraud or identity theft that occurred from March 20, 2023 to April 8, 2024, as long as the claimant tried to prevent those losses and those losses aren’t reimbursed yet. All class members are additionally eligible for single bureau credit monitoring and identity theft protection services for two years. The final day for exclusion or objection to the settlement is gone, and the final approval hearing was lined up for March 14, 2024. Class members wanting to submit claims must do this by April 8, 2024.
