21st Century Oncology Data Breach Prompts Multiple Lawsuits

Four months after 21st Century Oncology said an “unauthorized third party” had accessed 2.2 million confidential records, lawyers working on lawsuits against the cancer-care giant say they have fielded likely thousands of inquiries from worried patients.

As of this week, at least 13 separate federal class-action lawsuits had been filed against Fort Myers-based company in response to the data breach, court records show.

“Everyone in this seems to have multiple (clients). I have multiple,” said attorney David Harris of the Harris Law Firm in south Fort Myers. “After the first two cases were filed, it got out into the news. After that, I personally spoke to 200-plus people.”

Harris would not say how many clients he expects to represent in the class-action, but said he had evidence that some had fallen prey to identity theft.

Others, he said, are terrified that they soon might.

“There’s a genuine panic out there. That is the reality,” he said. “You’ve got some people who are out there who are, let’s say, in their senior years. This is the last thing they need, whether they’re battling health problems or you name it — they’re confused by this, they’re scared by it all.”

A U.S. magistrate judge in Fort Myers on Thursday recommended that the cases be consolidated into a single class-action claim.

The company did not respond to requests for comment on the cases. A spokesman said earlier this year that 21st Century Oncology does not comment on pending litigation.

21st Century Oncology notified patients about the data breach in March, more than three months after the FBI had alerted it to the break in. Its officials claimed that it had done so because of the ongoing criminal investigation.

All of those affected were provided with a free one-year subscription to the Experian ProtectMyID fraud protection service. At the time, 21st Century said it had no evidence that any patient information had been misused.

21st Century Oncology, the nation’s largest radiation oncology provider, operates 183 treatment centers. Of those 147 are in the United States, and 36 are in countries in Latin America.

The company also employs or is affiliated with nearly 950 doctors, globally.

Many of those receiving notice of the data breach were unaware 21st Century had their records, because they used a clinic that was owned by the company but did not have its name on it.

In one lawsuit recently filed in California, cancer patient James Corbel received treatment at a Redding, California clinic he did not know that 21st Century owned. (Its website currently displays the 21st Century logo.)

“Since the data breach, Corbel has received multiple telephone calls from scam artists claiming to be from the IRS, attempting to convince him to pay for what they claim are unpaid taxes,” his lawsuit states.

It added that “Corbel had never received any similar IRS related scam telephone calls” before the breach.

A plaintiff in another case, Mary Barbieri of Charlotte County, claims she was unable to sign up for the fraud protection that 21st Century Oncology offered because someone else had done so, using her name and personal information.

Barbieri claims that an Experian staffer told her that the caller had provided her mother’s maiden name, date of birth and Social Security number.

“Plaintiff (Barbieri) then received emails from (her bank) due to a request to close her bank accounts,” the lawsuit further states. “Plaintiff did not initiate this request.”

Her attorney in Coral Gables, Robert Gilbert, said this particular lawsuit involves several dozen plaintiffs. He too said he had heard from hundreds of people affected by the 21st Century Oncology breach.

“We’re talking here about people’s personal, unique healthcare records,” Gilbert said. “Since, by its name, 21st Century Oncology, it relates to cancer or cancer-related diagnoses. It’s quite sensitive and quite revealing. There’s a great deal at stake here. This is a very serious case.”

The 21st Century Oncology breach was the largest such data security issue of 2016 involving 500 or more patients, according to the Department of Health and Human Services. And it is the largest recorded for a Florida-based company since the government began collecting such data in 2010, government records show.

(Southwest Florida-based Radiology Regional Center, a provider of imaging and diagnostic services, inadvertently exposed the records of more than 483,000 this year when the files blew out of a trash truck traveling on Fowler Street.)

Still, others have been far worse.

Records show that the largest security breach involved the health insurer Anthem Inc., which reported last year that a hacker had accessed a database containing information on 78.8 million people.

Source: www.news-press.com www.news-press.com

Be the first to comment on "21st Century Oncology Data Breach Prompts Multiple Lawsuits"

Leave a comment

Your email address will not be published.


*