Data Breach

HCA Healthcare Faces Class Action Lawsuit Over Data Breach

Updated on
Published on
HCA Healthcare Faces Class Action Lawsuit Over Data Breach

In a recently filed lawsuit, Elizabeth Crown, a patient of HCA Healthcare, Inc., has launched a class-action lawsuit against the healthcare giant, alleging serious data privacy violations. The lawsuit, filed in the Eighth Judicial District Court of Clark County, Nevada, accuses HCA Healthcare of failing to protect the personal identifying information (PII) of Crown and millions of other patients in a cyber-attack on its servers.

The complaint alleges that HCA Healthcare became aware of the breach on or about July 5, 2023, but did not notify the affected individuals until a month later. According to the lawsuit, the cybercriminals accessed a trove of personal information, including patients' names, addresses, email addresses, telephone numbers, dates of birth, gender, and appointment details. "Defendant failed to safeguard the confidential personal identifying information (PII) of the plaintiff and millions of individuals (Class Members) in a cyber-attack on its servers," the complaint reads. This has put Crown and the other class members at a high risk of identity theft, unauthorized access to email accounts, and other fraudulent use of their PII.

The lawsuit is grounded in three main legal theories: negligence, invasion of privacy by public disclosure of private facts, and breach of implied contract. The negligence claim alleges that HCA Healthcare failed to maintain reasonable data security measures, violating the duty of care that companies owe to their customers. On the other hand, the invasion of privacy claim accuses HCA Healthcare of unauthorized disclosure of private information, a violation of the right to privacy. Finally, the breach of implied contract claim alleges that HCA Healthcare failed to protect and secure the private information that patients entrusted to them, a violation of the implied contract between the company and its customers.

The Federal Trade Commission Act, which prohibits unfair or deceptive acts or practices in commerce, is also referenced in the lawsuit. According to the complaint, HCA Healthcare's failure to maintain reasonable data security measures constitutes an unfair act or practice under the Act.

Crown and the other class members are seeking various damages, including actual damages, economic damages, emotional distress damages, statutory damages, nominal damages, exemplary damages, and injunctive relief. They are also seeking to recover the fees and costs of litigation.

The class members are defined as all persons whose sensitive personal information was obtained by an unauthorized individual during the data breach in July 2023.

This lawsuit is a stark reminder of the importance of data security in the healthcare industry, which maintains large volumes of patient PII. As the case unfolds, it will undoubtedly set a precedent for how healthcare companies handle and protect their patients' personal information.

Case Facts

  • Status:
    Lawsuit Filed
  • Case Number:
    A-23-877840-C
  • Filing Date:
    September 15, 2023
  • Jurisdiction:
    Clark County
  • State:
    Nevada
  • Court:
    Eighth Judicial District Court of Nevada
  • Plaintiff:
    Elizabeth Crown
  • Defendant:
    HCA Healthcare, Inc.; Does 1-10, inclusive
  • Plaintiff Firm:
    Kind Law
  • Defendant Firm:
  • Claims Administrator:
Contributors
Kevin Salzman, Esq.
Kevin Salzman, Esq.
Reporter and Licensed Attorney
Weekly newsletter

Stay up to date with new class action settlements you may join.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Complaint

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Related class action lawsuits

Read more to get notified about updates to each case.

Patelco Credit Union Faces Lawsuit Over Alleged Data Breach
Data Breach

Patelco Credit Union Faces Lawsuit Over Alleged Data Breach

Patelco Credit Union is facing a class-action lawsuit alleging inadequate data security practices that led to a data breach, violating several consumer protection laws.
Multi-Million Dollar Lawsuit Against CLEAResult Over Data Breach
Data Breach

Multi-Million Dollar Lawsuit Against CLEAResult Over Data Breach

Lawsuit alleges CLEAResult Consulting Inc. failed to secure sensitive customer data, potentially exposing thousands to identity theft and fraud.
Lulus.com Hit with Class Action over Customer Doxing Claims
Data Breach

Lulus.com Hit with Class Action over Customer Doxing Claims

Lawsuit alleges Lulus.com violated privacy laws, doxed users, and enabled third-party eavesdropping. These are all allegations at this stage.
Cornwell Quality Tools Faces Class Action Lawsuit Over Data Breach
Data Breach

Cornwell Quality Tools Faces Class Action Lawsuit Over Data Breach

Alleged data breach at Cornwell Quality Tools leads to class-action lawsuit. Plaintiff claims negligence, breach of duty, and violation of legal obligations.
Nice Pak Products Faces Class Action Over Data Breach
Data Breach

Nice Pak Products Faces Class Action Over Data Breach

Lawsuit alleges Nice Pak Products, Inc. failed to protect employees' personal information, leading to a data breach. Damages sought for negligence, violation of FTC Act.
Peoples Bank Faces Lawsuit Over Data Breach, Customers Seek Damages
Data Breach

Peoples Bank Faces Lawsuit Over Data Breach, Customers Seek Damages

Lawsuit alleges Peoples Bank's negligence led to a data breach, compromising sensitive personal information of approximately 47,590 customers.
Caesars Entertainment Faces Multi-Million Dollar Lawsuit Over Data Breach
Data Breach

Caesars Entertainment Faces Multi-Million Dollar Lawsuit Over Data Breach

Caesars Entertainment is facing a lawsuit over a data breach. Allegations include negligence, invasion of privacy, and breach of contract.
Progressive Insurance Hit with Lawsuit Over Alleged Data Breach
Data Breach

Progressive Insurance Hit with Lawsuit Over Alleged Data Breach

Progressive Casualty Insurance Company faces a lawsuit alleging failure to protect customers' personal information during a data breach, a violation of the FTC Act.
HCA Healthcare Faces Class Action Lawsuit Over Data Breach
Data Breach

HCA Healthcare Faces Class Action Lawsuit Over Data Breach

Class-action lawsuit alleges HCA Healthcare violated data privacy laws, leading to a massive data breach affecting millions of patients.
PurFoods Faces Lawsuit Over Massive Data Breach: Damages Sought
Data Breach

PurFoods Faces Lawsuit Over Massive Data Breach: Damages Sought

Douglas and Goodon allege PurFoods' negligence led to a massive data breach, violating HIPAA and FTC Act, and seek damages for the compromised private information.
PurFoods Faces Multi-Million Dollar Lawsuit Over Alleged Data Breach
Data Breach

PurFoods Faces Multi-Million Dollar Lawsuit Over Alleged Data Breach

Lawsuit alleges PurFoods, also known as Mom's Meals, failed to protect customer data, leading to a breach affecting over 1.2 million individuals.
TMG Health Faces Lawsuit Over Alleged Data Breach
Data Breach

TMG Health Faces Lawsuit Over Alleged Data Breach

Lawsuit alleges TMG Health failed to protect clients' sensitive information, leading to a potential data breach. The company is accused of violating HIPAA and other laws.
MAPFRE Faces Lawsuit Over Alleged Privacy Violations - Damages Sought
Data Breach

MAPFRE Faces Lawsuit Over Alleged Privacy Violations - Damages Sought

Brian Conway files a lawsuit against MAPFRE and The Commerce Insurance Company for allegedly violating the DPPA by disclosing drivers' license numbers.
Rite Aid Faces Lawsuit Over Alleged Data Breach, Plaintiffs Seek Compensation
Data Breach

Rite Aid Faces Lawsuit Over Alleged Data Breach, Plaintiffs Seek Compensation

Rite Aid Corporation is accused of negligence and violation of data security and privacy laws in a lawsuit following a data breach that allegedly exposed customer information.
Clients Seek Damages from Regal Securities in Lawsuit Over Data Breach
Data Breach

Clients Seek Damages from Regal Securities in Lawsuit Over Data Breach

Lawsuit alleges Regal Securities, Inc. mishandled personal data, leading to a breach. Clients seek damages for negligence and violation of Illinois consumer protection laws.
Jackson National Life Insurance Faces Multi-Million Dollar Lawsuit Over Data Breach
Data Breach

Jackson National Life Insurance Faces Multi-Million Dollar Lawsuit Over Data Breach

Lawsuit alleges Jackson National Life Insurance Company failed to protect customers' personal data, leading to a data breach. Plaintiffs seek damages for invasion of privacy, lost productivity, and increased risk of identity theft.
Advance America Faces Lawsuit Over Data Breach, Plaintiff Seeks Damages
Data Breach

Advance America Faces Lawsuit Over Data Breach, Plaintiff Seeks Damages

Lawsuit alleges Advance America failed to secure and safeguard personally identifiable information, leading to a data breach.
Progress Software Corp. Faces Class Action Over Data Breach
Data Breach

Progress Software Corp. Faces Class Action Over Data Breach

A class-action lawsuit alleges that Progress Software Corporation and Maximus Federal Services failed to safeguard customers' personally identifiable information, leading to a significant data breach.
AMM Faces Class Action Lawsuit Over Data Breach, Plaintiffs Seek Damages
Data Breach

AMM Faces Class Action Lawsuit Over Data Breach, Plaintiffs Seek Damages

Lawsuit alleges Advanced Medical Management, LLC failed to protect sensitive personal data of over 300,000 individuals, leading to a data breach.
Mondelez Global Data Breach Class Action: 51k People Impacted
Data Breach

Mondelez Global Data Breach Class Action: 51k People Impacted

Mondelez Global LLC faces a class action lawsuit for allegedly failing to protect personal data, leading to a breach. The plaintiff seeks at least $5 million in damages.
Class Action Lawsuit - Ipswitch, Inc. & Progress Software Data Breach
Data Breach

Class Action Lawsuit - Ipswitch, Inc. & Progress Software Data Breach

Class action lawsuit alleges Ipswitch, Inc. and Progress Software Corporation's negligence led to a data breach, exposing sensitive personal information.
PharMerica Corporation Class Action Filed Over Data Breach
Data Breach

PharMerica Corporation Class Action Filed Over Data Breach

Pharmerica Corporation is facing a class action lawsuit alleging negligence in protecting customers' private information, potentially leading to a data breach.
Kraemer North America Faces Class Action Over Data Breach
Data Breach

Kraemer North America Faces Class Action Over Data Breach

Kraemer North America is facing a class-action lawsuit over an alleged data breach. The lawsuit alleges the company failed to secure employees' data and notify them promptly.
Apria Healthcare Class Action: Alleged Data Breach
Data Breach

Apria Healthcare Class Action: Alleged Data Breach

Lawsuit alleges Apria Healthcare failed to protect customer data, leading to a data breach.
$5 Million Lawsuit - Veridian Credit Union's Alleged Data Breach
Data Breach

$5 Million Lawsuit - Veridian Credit Union's Alleged Data Breach

Class action lawsuit alleges Veridian Credit Union failed to protect customer data, violating multiple laws.
Albertsons Data Breach: Class Action Lawsuit at least $5m
Data Breach

Albertsons Data Breach: Class Action Lawsuit at least $5m

Lawsuit alleges Albertsons Companies failed to protect personal information of customers in a data breach, violating privacy and security laws.