Security News > 2020 > February > Lawsuit Claims HIV Data Exposed in Leak
A lawsuit seeking class action status filed against UW Medicine in the wake of a data leak incident has been amended to reflect that at least one HIV patient allegedly had their data exposed.
The lawsuit alleges UW Medicine, a Seattle-based academic medical system that includes several hospitals and a large physician practice, failed to properly protect PHI when it misconfigured a database, leaving nearly 974,000 patients' information exposed to the internet for several weeks.
The lawsuit says that data exposure tied to misconfigured IT is a growing problem.
Some of the largest health data breaches reported to federal regulators last year involved misconfigured IT. That includes a data leak reported by Puerto Rico-based clearinghouse and cloud services provider Inmediata Health Group last April that affected about 1.6 million individuals.
The amended lawsuit contends that individuals' data was left exposed on the internet for more than one month and that UW Medicine was not forthcoming about the sensitive data, such as HIV test information, that was exposed.
News URL
https://www.inforisktoday.com/lawsuit-claims-hiv-data-exposed-in-leak-a-13759