Connexin Software Hit with Class Action Over Pediatrician Data Breach Affecting 2M+ Patients [UPDATE]
by Erin Shaak
Last Updated on July 11, 2024
Rodriguez v. Connexin Software Inc.
Filed: January 10, 2023 ◆§ 2:23-cv-00098
A class action has been filed against Connexin Software (doing business as Office Practicum) over a data breach that reportedly affected over 2 million patients.
Pennsylvania
July 11, 2024 – Connexin Data Breach Settlement Given Preliminary Approval; Settlement Website Is Live
The $4 million Connexin Software data breach settlement described below was preliminarily approved by the court on March 13, 2024.
Don’t miss out on settlement news like this. Sign up for ClassAction.org’s free weekly newsletter here.
Class members have until July 25, 2024 to file claims for benefits, which can be submitted through the official settlement website, ConnexinDataSettlement.com, or by mail.
Head to this page to submit a claim form online. You may also download a PDF claim form to return by mail.
To file a claim, you will need the 10-character household ID and four-digit PIN found in the settlement notice you received. If you did not receive a notice or lost yours, contact the settlement administrator using the information on this page.
A final approval hearing is scheduled for July 24, 2024. It is typically after the court grants final approval to a settlement, and any appeals or objections are resolved, that compensation begins to go out to claimants.
More details on the Connexin data breach settlement, including what kind of benefits it will provide, can be found in the update below.
Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.
March 6, 2024 – Connexin Software Data Breach Lawsuit Resolved with $4M Settlement
Connexin Software has agreed to settle several consolidated data breach lawsuits, including the proposed class action described on this page, for $4 million.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
The settlement agreement says that the proposed deal, if preliminarily approved by the court, will cover anyone whose personal information was compromised in the data security incident that Connexin discovered on or around August 26, 2022—estimated to be approximately three million people.
The plaintiffs detailed the terms of the deal in a motion and attendant memo filed with the court on February 14, 2024. Class members will receive notice of the class action settlement by mail if and when the deal is preliminarily approved by United States District Judge Joshua D. Wolson.
Per the agreement, Connexin will pay $4,000,000, which will be used to provide settlement benefits to class members who submit valid, timely claims. Eligible class members can make a claim for one of three benefit options, court documents relay.
For one, class members will have the option to claim three years of credit monitoring and insurance services, with up to $1,000,000 in identity theft insurance, the memo shares.
Alternatively, an eligible class member may submit a claim for out-of-pocket losses that are documented and “fairly attributable” to the Connexin data breach, or up to five hours of lost time at a rate of $30 per hour. According to the memo, payment through this option is capped at $7,500 per individual.
Lastly, class members will have the option to receive an alternative pro rata cash payment, the amount of which will depend on the total number of valid claims that are filed for the aforementioned benefits, the settlement agreement states.
As part of the deal, Connexin has also agreed to implement business changes that will enhance its data and information security, the plaintiffs’ memo says.
To be eligible for a share of the settlement, a class member must submit a claim form by mail or online through the official settlement website, ConnexinClassAction.com, when it goes live.
Attorneys told the court that the Connexin settlement “represents a strong result” for data breach victims given that the company’s financial condition “raise[s] the real possibility” that it would seek bankruptcy protection had the case continued to proceed.
ClassAction.org will update this page if and when the settlement receives preliminary approval.
Don’t miss out on settlement news like this. Sign up for ClassAction.org’s free weekly newsletter here.
A proposed class action has been filed against Connexin Software Inc., a company that provides information technology solutions for pediatric practices under the name Office Practicum, over a data breach that reportedly affected over 2 million patients.
The 33-page lawsuit alleges that the breach, which was reported by Connexin in November 2022, was a result of the defendant’s “reckless, or at the very least, negligent” failure to implement reasonable data security procedures. According to the suit, the data breach is especially egregious given Connexin’s customers, for whom it stores a “massive amount” of patient data, are pediatricians whose patients are mostly children.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
The suit alleges that the information compromised in the Connexin data breach includes patients’ personal information, including their names, parents’ names, dates of birth and Social Security numbers; health insurance information; medical and treatment information, including diagnoses, procedures performed and prescription details; and billing or claims information. Per the suit, Connexin reported that nearly 120 pediatric practice groups were impacted by the breach and 2,216,365 individuals were affected.
The lawsuit argues that Connexin was aware that companies in the healthcare industry are particularly susceptible to data breaches yet failed to implement even “basic security procedures,” including those mandated by the Health Insurance Portability and Accountability Act (HIPAA) and recommended by the Federal Trade Commission.
Moreover, the case claims the defendant’s notice to those affected was “deficient” and failed to include “basic details” about the breach, including why patients’ data was stored on systems with inadequate security, what specific deficiencies were exploited, whether patients’ data was encrypted or otherwise protected, and whether Connexin knows “if the data has been further disseminated.”
“Connexin has not nearly disclosed all the details of the Data Breach and its investigation. Without such disclosure, questions remain as to the full extent of the Data Breach, the actual data accessed and compromised, and what measures, if any, Connexin has taken to secure the [personally identifiable information] and [protected health information] still in its possession.”
The lawsuit alleges that those whose information was exposed now face “a substantial increased risk” of identity theft that will continue indefinitely. Moreover, the impact of a data breach is even greater on children, the case says, given their records are essentially a “clean slate” and any fraudulent or unauthorized use of their information will likely go undiscovered for years. Per the suit, data breach victims will have to spend “significant time and money” to protect themselves and their children as a result of Connexin’s alleged failures.
The lawsuit looks to cover anyone in the U.S. whose personally identifiable information or protected health information was exposed during the data breach disclosed by Connexin around November 14, 2022.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.