An appeals court has dismissed several class action lawsuits filed against Sutter Health, due to a data breach it suffered nearly three years ago.
On Monday, the California Third District Court of Appeal ruled (PDF) that plaintiffs, which filed on behalf of over four million impacted patients, failed to prove that an actual breach of confidentiality occurred as a result of Sutter's 2011 computer theft.
Through 13 consolidated lawsuits, plaintiffs sought about $4 billion in damages from Sacramento, Calif.-based Sutter Health, accusing the organization of violating the California Confidentiality of Medical Information Act (CIMA). Individuals “failed to state a cause of action under the Confidentiality Act because they [did] not allege that the stolen medical information was actually viewed by an unauthorized person,” court documents said.
The password-protected computer reportedly housed the names, addresses, birth dates, phone numbers and medical record numbers of patients.