The mother of a former patient of Ann and Robert Lurie Children’s Hospital of Chicago filed a lawsuit on May 8 against the hospital over a medical records privacy breach, according to The Chicago Sun-Times.
In the lawsuit, the mother claimed that two former Lurie Children’s employees allegedly accessed her 3-year-old daughter’s medical records from early last year. The mother received a letter from the hospital in December 2019 notifying her that a nursing assistant had accessed her daughter’s medical records “without a work-related reason,” according to the report.
The mother claimed she then received another letter from the hospital on May 4 that a different employee had also inappropriately accessed her daughter’s medical records. Lurie Children’s posted a notice on May 4 to its website that an employee viewed more than 4,800 patient medical records without a work-related reason.
“Rather than take it seriously, Lurie chalked it up to the curiosity of a bored employee,” the lawsuit states. “Lurie refused to discuss whether this was a more widespread problem.”
In a statement on May 8, Lurie Children’s said: “In December 2019 and May 2020, Lurie Children’s notified some of our patients about two nurse assistants who had accessed certain patients’ medical records without an identified patient need. We have no reason to suspect any misuse of patient information associated with this incident,” according to the publication.
“Lurie Children’s addressed this issue in accordance with our disciplinary policies, and the employees no longer work for the hospital,” the statement continues. “We remain committed to providing the highest standard of patient care, as well as protecting the privacy and confidentiality of our patients.”
The lawsuit is seeking class-action status to include other patients whose medical records were also inappropriately accessed. The mother is seeking ongoing credit monitoring for patients who were affected by the security breach as well as damages and restrictions enacted to prevent further breaches, according to the report.
More articles on cybersecurity:
US government warns hackers may target hospitals for COVID-19 vaccine research, intellectual property
Saint Francis Healthcare Partners email hack affects 38,529 patients
Ransomware attackers hit 2 providers, post patient information and photos online: 5 details