Baystate Health Hit with Class-Action Lawsuit Following Phishing Attack

April 26, 2019

Two weeks after the Springfield, Mass.-based Baystate Health notified 12,000 patients of a phishing attack that potentially exposed their private information, a class-action lawsuit has been filed against the health system, according to a MassLive report.

Baystate, an integrated healthcare system, said that between February and March of this year, it learned of unauthorized access to some employee email accounts due to a phishing incident. An investigation determined that some patient information was contained in the email accounts, including patient names and dates of birth, health information (such as, diagnoses, treatment information, and medications), and in some instances health insurance information, Medicare numbers, and Social Security numbers.

Baystate’s electronic medical record (EMR) was not accessed or involved, however, according to the organization’s officials.

On April 11, a lawsuit was filed in the U.S. District Court in Springfield, Mass. According to the report in MassLive, “A class action suit means [attorney Kevin] Chrisanthopoulos is looking for more plaintiffs to add to the suit seeking monetary damages all the eventual plaintiffs would share.”

Baystate, in its April 8 public acknowledgment of the breach, said “This incident did not affect all Baystate patients, and we have no indication that any patient information was actually acquired or viewed, or that it has been misused. However, in an abundance of caution, we began mailing letters to affected patients on April 5, 2019 and established a dedicated call center to answer questions.”

Officials from Baystate also advised affected patients to review the statements they received from their providers and insurer, and if they saw services they did not receive, to contact the insurer or provider immediately.

For those patients whose Social Security numbers were included in the email accounts, Baystate is offering a free one-year membership of credit monitoring and identity protection services.

Sponsored Recommendations

TEST: Ask the Expert: Is Your Patients' Understanding Putting You at Risk?

Effective health literacy in healthcare is essential for ensuring informed consent, reducing medical malpractice risks, and enhancing patient-provider communication. Unfortunately...

From Strategy to Action: The Power of Enterprise Value-Based Care

Ever wonder why your meticulously planned value-based care model hasn't moved beyond the concept stage? You're not alone! Transition from theory to practice with enterprise value...

State of the Market: Transforming Healthcare; Strategies for Building a Resilient and Adaptive Workforce

The U.S. healthcare system is facing critical challenges, including workforce shortages, high turnover, and regulatory pressures. This guide highlights the vital role of technology...

How AI-Native Locating Intelligence Revolutionizes the RTLS market

Discover how leveraging an RTLS solution with artificial intelligence as the location engine can increase efficiency, improve safety, and elevate care without the compromises ...