California Confidentiality Of Medical Information Act

April 30, 2026 A $950K SAG-AFTRA Health Plan settlement offers cash and medical info monitoring to individuals affected by a September 2024 data breach.

February 26, 2026 A $400K Choose Your Horizon settlement offers cash to patients whose sensitive information may have been collected and shared by third-party tracking technologies.

February 12, 2026 An $8.5M Signature Performance settlement offers cash and medical data monitoring to those who may have been impacted by a Jan. 2024 data breach.

February 5, 2026 A $725K Granite Wellness Centers settlement offers cash to individuals whose private information may have been affected by a Jan. 2021 data breach.

January 15, 2026 A Centrelake Medical Group settlement offers cash and credit monitoring to those who may have been affected by an early 2019 data breach.

December 12, 2025 A $3.5M Mindpath Health settlement offers cash and credit monitoring to individuals who may have been impacted by a mid-2022 data breach.

December 8, 2025 An at least $46M Kaiser settlement offers cash to individuals whose data may have been shared with third parties after accessing their Kaiser patient account.

December 5, 2025 A $21.5M Sutter Health settlement offers cash to California residents whose data may have been shared with third parties like Google and Meta.

November 21, 2025 A $450K Trinity Health settlement offers cash to individuals who may have been impacted by a Jan. 2021 data breach.

November 18, 2025 A $6.5M class action settlement resolves a lawsuit over a 2024 Omni Family Health data breach that leaked patient and staff information on the dark web.

November 7, 2025 Discovery Practice Management will offer cash payments and identity protection services to settle a class action lawsuit over a June 2020 data breach.

October 29, 2025 Pomona Valley Hospital is set to pay $600K to settle a lawsuit over its alleged use of the Facebook Pixel to unlawfully disclose user info to Meta.

October 2, 2025 A $5 million class action settlement will end litigation over a June 2020 EyeMed data breach that exposed patients’ personal and medical information.

September 23, 2025 Medusind will pay $5M to resolve a class action lawsuit over a Dec. 2023 data breach that exposed patients’ medical, personal and financial information.

September 23, 2025 Cencora/The Lash Group will pay $40 million to settle a class action lawsuit over a February 2024 data security incident.

September 18, 2025 A $2.55M settlement ends a class action against Octapharma Plasma over an April 2024 data breach that exposed patients’ personal and medical information.

August 11, 2025 Keenan has agreed to pay a settlement to resolve a class action that alleged the firm failed to protect personal information during a 2023 data breach.

August 4, 2025 HCA has agreed to settle a class action that alleged the organization failed to protect patient information during a data breach announced in July 2023.

July 22, 2025 A $875K settlement resolves a class action lawsuit against Eisenhower Medical Center over alleged data tracking and sharing using third-party technology.

March 4, 2025 Dameron Hospital has agreed to pay a $650,000 settlement to resolve a class action over a 2023 data breach that compromised the personal information of 262,475 people.

January 24, 2025 Nonstop has agreed to pay a $1.6 million settlement to resolve a class action that alleged the insurer failed to protect the personal information of 8,500 people during a December 2022 data breach.

January 16, 2025 Hapy Bear Surgery Center has agreed to pay $607,500 to settle a class action filed over a data breach that targeted the dental clinic in December 2023.

December 13, 2024 Workit Health has agreed to pay a $578,680 settlement to resolve a class action that claimed the platform illegally shared users’ personal data with Google and Facebook.

December 10, 2024 A $25 million settlement has been reached to resolve a class action that alleged GoodRx illegally shared users’ private information with Facebook, Google and Criteo without consent.

November 12, 2024 A settlement has been reached to resolve a class action that alleged Oak Valley Hospital failed to prevent a 2023 data breach.

October 15, 2024 Mednax has agreed to pay $6 million to settle a proposed class action lawsuit filed over a June 2020 data breach that reportedly impacted 2.7 million people.

October 10, 2024 Disney faces a class action over a “massive” July 2024 data breach in which personal information belonging to staff members and guests was reportedly leaked.

June 28, 2024 Kaiser Foundation Health Plan, Inc., the health insurance branch of Kaiser Permanente, has been hit with a class action over a data breach announced in April 2024.

May 16, 2024 Octapharma Plasma faces at least two proposed class action lawsuits over a 2024 data breach.

April 30, 2024 A class action accuses Banner Health of illegally sharing website visitors’ data with third parties, including Facebook and Google, without consent.

April 18, 2024 City of Hope has been hit with a class action over a 2023 cyberattack that compromised the private data of approximately 827,000 patients.

February 13, 2024 A class action claims San Diego Fertility Center Medical Group and Ivy Fertility have secretly disclosed website visitors’ private data to third parties without consent.

February 8, 2024 Keenan & Associates faces a class action over an August 2023 cyberattack that compromised the personal and medical data of more than 1,500,000 people.

February 8, 2024 Blue Shield of California faces a class action over a May 2023 data breach that exposed health plan members’ and beneficiaries’ private information to hackers.

January 19, 2024 HCP and an IT vendor face a class action over a cyberattack announced in April 2021 that compromised the private data of more than 293,000 people.

January 9, 2024 A class action claims Delta Dental failed to protect members’ personal and health information from a May 2023 data breach.

December 8, 2023 Scripps Health faces a class action over its alleged disclosure of website visitors’ private information to third parties, including Facebook and Google, without consent.

November 20, 2023 A class action accuses AltaMed Health Services Corporation of sharing the private health data of website visitors with third parties, including Facebook, without consent.

October 23, 2023 A class action claims Santa Clara Valley Medical Center secretly transmits the private data of website visitors to Facebook and other third parties without consent.

October 19, 2023 Prospect Medical Holdings, Inc. faces a class action that claims the healthcare corporation failed to protect private employee and patient data during an August 2023 cyberattack.

October 13, 2023 Quest Diagnostics and Optum360 face a class action in which a consumer claims the companies illegally shared his sensitive medical data with a third-party debt collector without authorization.

September 28, 2023 Amerita, Inc. faces a class action that claims the company failed to protect consumers’ personal information during a cyberattack reportedly discovered in March 2023.

August 29, 2023 A class action alleges online therapy service Headway secretly shares with Google website visitors’ private data, including information about their mental health conditions.

August 8, 2023 A class action lawsuit claims dialysis services provider DaVita has unlawfully shared website visitors’ personal data with third parties, including Facebook, without consent.

July 28, 2023 A class action out of California claims Tenet Healthcare Corporation secretly discloses to third parties the private health information of patients who visit at least 12 healthcare websites it operates.

July 24, 2023 A class action alleges Rite Aid discloses website visitors’ personal and health information to Meta and other third parties without their knowledge or consent.

June 29, 2023 Another proposed class action lawsuit claims negligence on the part of the Housing Authority of the City of Los Angeles (HACLA) is to blame for a data breach that went undetected for almost a full year.

June 16, 2023 A class action lawsuit claims negligence on the part of Apria Healthcare is to blame for a data breach that compromised the personal information of 1.8 million individuals nationwide.

June 1, 2023 A class action alleges Monument has illegally disclosed users’ information to third-party advertisers, including Meta, Google, Bing and Pinterest.

May 22, 2023 Google faces a class action over its alleged use of tracking tools on healthcare provider websites and apps to secretly collect consumers’ sensitive health and personal information.