37-2021-00026415-CU-BC-CTL

Putative class action against a healthcare provider. Defendant is alleged to have failed to take adequate security measures (including adequate vetting of the Defendant's IT service provider) to protect individuals' personal and medical information (including names, social security numbers or other government identification numbers, financial account numbers, dates of birth, medical diagnosis or treatment information, health insurance information, and/or client identification numbers) from unauthorized access. Defendants became aware of a data breach on or about April 12, 2021. Data breach is alleged to have occurred in late September 2020 and files obtained by an unauthorized third party between October 22, 2020 to December 3, 2020. Complaint alleges a violation of the CCPA § 1798.100, et seq.: failure to implement and maintain reasonable security measures sufficient to protect individuals' personal and medical information. Plaintiffs also bring various claims for negligence, negligence per se, breach of implied contract, breach of implied covenant of good faith and fair dealing, unjust enrichment, violations of CA's Unfair Competition Law (Cal. Bus. & Prof. Code § 17200, et seq.), violations of CA's Customer Records Act (Cal. Civ. Code §§ 1798.82, et seq.), and violations of CA's Confidentiality of Medical Information Act (Cal. Civ. Code § 56, et seq.)