[ISN] Alere Home Monitoring data breach class suit thrown out

http://healthitsecurity.com/2014/10/09/alere-home-monitoring-data-breach-class-suit-thrown-out/ By Patrick Ouellette Health IT Security October 9, 2014 Nearly two years after Alere Home Monitoring, Inc. reported that an employee’s password-protected laptop was stolen from their car and 116,000 patients’ data was potentially compromised, a California federal judge threw out a possible class action suit that sought $116 million in damages. Law360 reports that U.S. District Judge Jon S. Tigar found no liability for the negligent release of stolen medical information under California’s Confidential Medical Information Act (CMIA). According to the report, plaintiffs were given 21 days to refile an amended complaint. “These two California Court of Appeal decisions are the only published opinions interpreting this California statute statutory law, and plaintiffs have cited no other data that would persuade this federal court sitting in diversity that the California Supreme Court would necessarily decide the issue otherwise,” Judge Tigar wrote. Alere’s 2012 breach exposed home monitoring patients’ names, addresses, dates of birth, Social Security numbers and diagnosis codes. For context, there are a lot of patients who use Alere products through Medicare coverage, explaining why the scope of the breach was so large. The patients involved in the class suit used Alere’s International Normalized Ratio (INR) products at home for bleeding and blood clot tests, with the information to be transmitted between the patient and physician. […]