Industry Specific , Targeting Healthcare , Video

Are Data Breach Class Action Lawsuits Protecting Patients?

Attorney Jeff Westerman on Litigation Trends, Impact on Growing Healthcare Breaches
Watch this video with Jeff Westerman, attorney at Westerman Law Corp., which is part of a special report on Targeting Healthcare. (Source: Jeff Westerman)

The prospect of class action lawsuits being filed in the aftermath of a major data breach often has more impact on breached healthcare organizations than the potential for fines and enforcement actions by government regulators, says attorney Jeff Westerman of Westerman Law Corp.

See Also: Healthcare in The Cloud: Detecting and Overcoming Threats to Ensure Continuity & Compliance

With all the legal expenses and time involved with organizations defending themselves in data breach class action lawsuits, "I don't know that a civil enforcement action would be much more impactful than the private civil litigation that gets filed," Westerman says in a video interview with Information Security Media Group.

While "the regulators or the government can all bring all kinds of resources to bear," very few enforcement cases are pursued, says Westerman, who represented plaintiffs in a class action lawsuit against UCLA Health in 2015 after a cyberattack affected the sensitive health information of 4.5 million individuals.

That consolidated class action lawsuit was settled in 2019. As part of the settlement, UCLA Health agreed to spend up to $5.5 million on improving its data security (see: Analyzing the $7.5 Million UCLA Health Data Breach Settlement).

All in all, when an organization has a major data breach, much is at stake, including reputational damage. "I would think that where you have your customer base or client base, your medical patient base, you would want to convey that you care about their data and that you're taking care of their data," Westerman says.

In this video interview with Information Security Media Group, he also discusses:

  • Details of the settlement reached in the UCLA breach;
  • The influence that cyber insurers wield;
  • Data breach litigation trends.

Westerman’s experience spans over 40 years in law practice. For the past 30 years he has worked almost exclusively as a plaintiff lawyer on complex securities, consumer, antitrust and data breach class actions. Westerman has also served as president or chair of several different legal organizations in Los Angeles.

Over 5,000 health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Targeting Healthcare explores these trends and how the industry can respond.

Read more

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.