Clym Adds HIPAA Authorization to Its Consent Management Platform – openPR.com
Clym Adds HIPAA Authorization to Its Consent Management Platform – FinancialContent
Clym Adds HIPAA Authorization to Its Consent Management Platform FinancialContent
Transcure Deploys Medical Billing Experts for 2026 HIPAA Transition Requirements – The National Law Review
Transcure Deploys Medical Billing Experts for 2026 HIPAA Transition Requirements The National Law Review
Privacy Examiner Launches Independent Website Risk Detection & Monitoring Service for Healthcare Providers – markets.businessinsider.com
Privacy Examiner Launches Independent Website Risk Detection & Monitoring Service for Healthcare Providers markets.businessinsider.com
Privacy Examiner Launches Independent Website Risk Detection & Monitoring Service for Healthcare Providers – FinancialContent
Missed the HIPAA Deadline? Don’t Panic, Health Care Entities Can Still Update Privacy Practices and Policy Notices – JD Supra
Asheville Eye Associates Settles Lawsuit Stemming from DragonForce Ransomware Attack
Asheville Eye Associates, an eye care provider serving patients in Western North Carolina, has agreed to settle class action litigation stemming from a November 2024 cyberattack and data breach.
A cyber threat actor accessed its network and potentially viewed or obtained patient information, including names, addresses, health insurance information, and medical treatment information. The Asheville Eye Associates data breach was reported to the HHS’ Office for Civil Rights as affecting 204,984 individuals. The DragonForce ransomware group took credit for the attack and claimed to have exfiltrated 540 GB of data before encrypting files. The data was leaked when the ransom was not paid. The affected individuals were notified about the attack in early February 2024.
Multiple lawsuits were filed in response to the data breach by plaintiffs Robert Woodsmall, Mimi Reynolds, Dena Brito, Robert Ricchetti, and Christopher Miller. The lawsuits were consolidated, In re Asheville Eye Associates Data Incident Litigation, in South Carolina’s General Court of Justice Superior Court Division. The lawsuit asserted several claims, including negligence, negligence per se, unjust enrichment, breach of implied contract, and breach of confidence. Asheville Eye Associates denies all claims and contentions in the lawsuit and maintains there was no wrongdoing.
Following mediation, all parties agreed to settle the litigation to avoid further litigation costs and expenses, and the uncertainty of a trial. Under the terms of the settlement, Asheville Eye Associates has agreed to pay for attorneys’ fees and expenses, settlement administration and notification costs, service awards for the class representatives, and several benefits for the class members.
Attorneys’ fees and expenses will not exceed $500,000, settlement administration costs are $53,000, and service awards of $1,250 per class representative (total: $6,250) have been approved. Class members may submit a claim for reimbursement of documented, unreimbursed losses due to the data breach up to a maximum of $1,250 per class member. All class members may claim one year of identity theft protection services, and will automatically receive a $10 voucher that can be used toward the purchase of eyeglasses at any Asheville Eye Associates location (except its 21 Medical Park Drive, Asheville, North Carolina location).
The deadline for objection, exclusion, and submitting a claim is April 6, 2026. The final fairness hearing has been scheduled for May 14, 2026.
The post Asheville Eye Associates Settles Lawsuit Stemming from DragonForce Ransomware Attack appeared first on The HIPAA Journal.
January 2026 Healthcare Data Breach Report – The HIPAA Journal
January 2026 Healthcare Data Breach Report The HIPAA Journal