Logan Health Facing Class Action Over February 2022 Data Breach
by Erin Shaak
Smeltz et al. v. Logan Health
Filed: March 9, 2022 ◆§ 4:22-cv-00028
Logan Health faces a class action over a February 2022 data breach that reportedly compromised the personal and health information of 213,545 individuals.
Logan Health, a Kalispell, Montana medical center, faces a proposed class action over a February 2022 data breach that reportedly compromised the personal and health information of 213,545 individuals.
The 21-page case out in Montana district court claims that the breach was a direct result of Logan Health’s apparent failure to implement adequate data security procedures. According to the suit, the information that may have been compromised includes patients’ names, addresses, medical record numbers, dates of birth, telephone numbers, email addresses, diagnosis and treatment codes, dates of service, treating/referring physicians, medical bill account numbers, health insurance information and Social Security numbers.
The lawsuit alleges that Logan Health “acted in reckless disregard” of patients’ privacy rights and has caused the individuals to incur “actual damages,” including “an increased and imminent risk” of fraud and identity theft, damages resulting from fraud and identity theft, time and expenses related to monitoring their accounts, the lost value of their personal information and “other economic and non-economic harm.”
Per the suit, Logan Health reported in February 2022 that it had experienced a data breach on November 18, 2021. The lawsuit says the medical center discovered on November 22 “suspicious activity” involving a file server containing patients’ personal information, and later reported that a “malicious actor” had gained access its system.
The suit stresses that this isn’t the first time Logan Health has experienced a data breach and notes that the medical center previously reported a January 2021 data breach that affected more than 2,000 Montanans and a 2019 data breach under its previous name, Kalispell Regional Healthcare, that affected 126,805 of the state’s residents.
The lawsuit argues that the consequences of Logan Health’s failure to properly secure patient information are “long lasting and severe.” Per the suit, the defendant’s offer of 12 months of identity theft protection services is inadequate to protect patients from the unauthorized use of their information.
“A free credit report and the ability to freeze their accounts is not only a right that every citizen enjoys, it is grossly inadequate to protect the Plaintiff and Class members from the threats they face resulting from the [personally identifiable information/protected health information] that was exposed,” the complaint states, arguing that free credit monitoring “has very little value as a preventative measure.”
The case looks to represent anyone whose sensitive personal information was compromised as a result of the breach of Logan Health’s electronic information systems.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.