HIPAA Blog

[ Tuesday, August 18, 2015 ]

Advocate (Chicago) Data Breach Lawsuit Dismissal Upheld: The court's basic ruling is that hypothetical future increased risk of identity theft is not "harm" for which one may sue for damages. Data on 4 million individuals was potentially disclosed, but only 2 people suffered actual identity theft (which could have been caused by some other information loss).

This will be the big issue that will impact the potential cost of data breaches (due to the ability of plaintiff's lawyers to bring class-action lawsuits): whether the mere likelihood that you are at a greater risk of something bad happening is actual damage/harm for which a lawsuit may be brought and monetary compensation awarded.

Jeff [10:05 AM]

Comments: Post a Comment

http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template