No Harm, No Foul: California Court Denies Class Action Bid Seeking $4 Billion from Provider

On July 22, 2014, the California Court of Appeal, Third Appellate District, found that patients whose confidential health information had been stolen could not sustain a class action absent an allegation that the information was actually viewed by unauthorized third parties.

In Sutter Health v. Superior Court, plaintiffs alleged that a thief broke into a Sutter Health office and stole a desktop computer containing protected health records of more than four million patients. Although the computer’s hard drive was password-protected, the records were unencrypted. The plaintiffs sought to assert a class action on behalf of these patients, seeking recovery under California’s Confidentiality of Medical Information Act (CCMIA). Because the CCMIA provides for an award of $1,000 in nominal damages per patient if a health care provider negligently releases medical information in violation of the CCMIA, the complaint potentially claimed $4 billion in damages. However, plaintiffs did not allege that any unauthorized person actually viewed the stolen records.

* This article was originally published in the Health Care Counsel blog. To read it in its entirety, click here.