Long-Term Care Survey Alert
Watch For Limited Liability Where No Actual Loss Is Incurred
PDF
Warning: Don’t let up on breach prevention efforts.
Though a state appeals court in Michigan has ruled that unless a plaintiff can prove a “present, actual injury” in a data breach case, awarding damages will be highly unlikely, you need to stay ahead in your breach prevention efforts.
On Dec. 18, the Michigan Court of Appeals shot down a lower court’s ruling that sided with the patients, reported Bloomberg’s Bureau of National Affairs. The appellate court reversed and remanded the lower court’s opinion, ruling that the lower court should have granted summary judgment to Detroit-based Henry Ford Health System (HFHS) in a class action lawsuit.
Background: HFHS contracted with Perry Johnson and Associates Inc. (PJA) for transcription services, according to Bloomberg. PJA’s subcontractor made an error that caused patient records to become available on the Internet.
The online-accessible information included patient names, medical record numbers, and physician notes on patient visits. The named plaintiff in the class action lawsuit claimed her information posted online included diagnoses of alopecia and a sexually transmitted disease.
The lawsuit alleged negligence, breach of contract, and invasion of privacy, Bloomberg reported. The lower court denied HFHS’s and PJA’s summary judgment motions. HFHS and PJA appealed the decision.
Because the plaintiff’s only claim of losses stemmed from costs she incurred for identity theft protection services, the appeals court disagreed with the lower court’s ruling. The appeals court decided that the plaintiff failed to prove that the credit monitoring costs “relate to a present, actual injury.” Further, the plaintiff provided no evidence that anyone actually viewed her PHI on the Internet or used her information for an improper purpose.
Identity theft protection services that the named plaintiff initiated “are not cognizable damages in the absence of present injury,” the appeals court said. Many other courts have also decided that plaintiffs in data breach lawsuits cannot recover credit monitoring services as damages following a data breach where there is no evidence of actual identity theft.
Long-Term Care Survey Alert
- ICD-10 Implementation:
Deadline Draws Near For ICD-10 (Again!)
This time, start training in earnest. You’ve lived through a few false starts, but get [...] - SNFs:
Your Future Pay Could Hinge on the Quality Measures Reported
Tip: New tool will measure quality based on a variety of metrics. A new law [...] - Basic Training:
Watch Out For Code Extensions
All ICD-10 diagnosis codes have between 3 and 7 characters. Here’s how they break down [...] - Resources:
Tap Into These Free Training Resources As You Step Up Training
ICD-10-CM Guidelines: Go to this source for a basic overview: www.cdc.gov/nchs/data/icd/icd10cm_guidelines_2014.pdf Implementation Checklist: CMS has [...] - Section A:
Understand the Difference Between "Stay" and "Episode of Care"
Know what works in A1900. The Centers for Medicare & Medicaid Services (CMS) left a [...] - HIPAA Enforcement:
Watch For Limited Liability Where No Actual Loss Is Incurred
Warning: Don’t let up on breach prevention efforts. Though a state appeals court in Michigan [...] - Industry Notes:
Get Your Residents 'Tweeting' To Improve Their Cognitive Capacity
Want to help your elderly residents to improve their overall mental health and well-being? Social [...]