Sutter Health Suits to be Consolidated

A total of 11 class action lawsuits have now been filed against Sutter Health in the wake of a health information breach, and those suits likely soon will be consolidated into one case, according to the Sacramento Business Journal.

See Also: JavaScript and Blockchain: Technologies You Can't Ignore

The Judicial Council of California, the main policy-making body for the California courts, likely will assign a consolidated case to one judge, the newspaper reports. All the lawsuits filed in the case seek monetary damages, plus a court order requiring Sutter, a California integrated delivery system, to do a better job of protecting patient information. Damages could total as much as $1,000 per individual affected.

The Sutter Health breach, which involved the theft of an unencrypted desktop computer, affected more than 4.2 million patients.

No financial information, Social Security numbers, health plan ID numbers or medical records were on the desktop device, which was stolen during the weekend of Oct. 15-16, 2011, from an administrative office of the Sutter Medical Foundation, a physician network based in Sacramento, Calif.

The stolen computer contained a database for Sutter Physician Services, which provides billing and other administrative services for 21 Sutter units. That database included information on about 3.3 million patients collected from 1995 through January 2011. Included were names, addresses, dates of birth, phone numbers, some e-mail addresses, medical record numbers and the names of patients' health insurance plans.

The device also contained a database with more extensive information on 943,000 Sutter Medical Foundation patients, dating from January 2005 to January 2011. This smaller database included the same demographic information as the larger database, plus dates of service and a description of diagnoses and/or procedures. Only this portion of the breach is included in the official government tally of major health information breaches.