Good Samaritan Hospital’s Class Action Data Breach Lawsuit Settled

Good Samaritan Hospital’s Class Action Data Breach Lawsuit Settled

July 10, 2023

Good Samaritan Hospital in San Jose, California, reached a settlement on a class-action lawsuit from a data breach that happened in 2020. According to the report, around 33,835 patients were affected after unauthorized individuals gained access to their protected health information (PHI). 

The Good Samaritan Hospital data breach allegedly occurred between October 28 and November 8, 2019. However, the California-based hospital said it did not violate anything and fully complied with all state and federal laws, including the Health Insurance Portability and Accountability Act of 1996 or HIPAA.

Good Samaritan Hospital’s Class Action Data Breach Lawsuit Settled

Data Breach Details: Unauthorized Access to Patient Information

The exposed data allegedly contained sensitive patient information, which included names, birth dates, Social Security numbers, driver’s license numbers, passport numbers, tax identification numbers, financial account numbers, health insurance information, billing information, doctors’ names, and medical record numbers. On top of that, unauthorized third-party actors also gained access to medical histories, diagnoses, treatment and prescription information, Medicare/Medicaid IDs, and patient account numbers.

Class Action Lawsuit on Good Samaritan Hospital: Allegations and Legal Proceedings

The Young, et al. v. Good Samaritan Hospital­­ lawsuit was filed in the California Superior Court for Los Angeles County, arguing that the hospital failed to safeguard its confidential patient information. According to the plaintiff, the hospital committed negligence and violated several regulations, including the California Confidentiality of Medical Information Act (CMIA) and the California Business and Professions Code. Moreover, the lawsuit stated that it could have prevented the incident if there were appropriate security policies and procedures.

In response, Good Samaritan Hospital denied these allegations. Despite their denial of the lawsuit claims, the hospital agreed to settle to avoid further legal costs. While still waiting for the judge’s approval, all concerned parties have already agreed upon the proposed Good Samaritan Hospital lawsuit settlement. According to The HIPAA Journal, there will be a final approval hearing for the case on September 5, 2023.

Good Samaritan Hospital’s Class Action Data Breach Lawsuit Settled

Terms and Proposed Compensation

Even though the total settlement fund has not been made public, all class members are eligible to claim up to $1,500 for ordinary expenses reimbursement. This will cover the documented expenses sustained from the Good Samaritan Hospital data breach incident, including monitoring costs, phone calls, loan interests, communication charges, card re-issuance fees, miscellaneous fees for local travels, and other unreimbursed bank fees.

Accordingly, affected individuals who suffered from identity theft, medical fraud, tax fraud, and other types of fraud can submit claims for documented losses of up to $5,000. Furthermore, Good Samaritan Hospital also agreed to spend more than $459,921.51 on upgrades to enhance its data security measures within 90 days after the effectivity date of the settlement.

For the legal fees, the class counsel agreed to advance the funds to pay for the expenses of this case. Under the proposed settlement, the class counsel may ask for an amount not exceeding $375,000, subject to court approval. The defendant will pay for the attorneys’ fees and costs aside from the benefits offered to the Settlement Class Members. 

Moreover, the plaintiff also asks for a service enhancement award amounting to $2,000 on top of the eligible benefits to compensate for the caused burden. Meanwhile, all the administrative costs for disputed claims should be paid directly by the defendant­­, which is the Good Samaritan Hospital, to the settlement administrator.

Good Samaritan Hospital data breach lawsuit settlement

Reimbursement and Documentation Requirements

The claimants are entitled to receive the following benefits:

Identity monitoring services

Settlement Class Members can enroll in two years of Identity Monitoring Services from Experian, which includes identity theft insurance of up to $1,000,000. Each claimant may also receive fraud resolution services. 

Remedial measures

Based on the security commitments of the settlement agreement, Good Samaritan Hospital agrees to improve its data security practices within 90 days after the settlement effectivity date.

Cash payments

Settlement class members can submit valid reimbursement claims divided into two categories:

1. Reimbursement for ordinary expenses

Each person can receive up to $1,500 for ordinary expenses. To submit a claim, individuals must provide documentation to the claims administrator that verifies their out-of-the-pocket expenses.

2. Reimbursement for extraordinary expenses

Each person can receive up to $5,000 for extraordinary expenses. These include financial losses from identity theft and other forms of fraud.

If you received a data breach notice from Good Samaritan Hospital, you are entitled to receive a settlement. To verify and confirm whether you can submit a claim, you may call 1-888-440-1264 or email Note that you are required to complete and submit the claim forms online through this website to receive your cash payments. 

The deadline for filing a claim is on July 18, 2023. 

Kent Cañas

Kent is a content strategist currently specializing in HIPAA-compliant online fax. Her expertise in this field allows her to provide valuable insights to clients seeking a secure and efficient online fax solution.

More great articles
Is iMessage HIPAA-Compliant?
Is iMessage HIPAA-Compliant?

Is iMessage HIPAA-compliant? Let's take a look at whether this messaging service is compliant with HIPAA regulations.

Read Story
is sharepoint hipaa compliant
Is SharePoint HIPAA Compliant?

Is SharePoint HIPAA Compliant? Read on to find out more about SharePoint's compliance with HIPAA.

Read Story
5 Best HIPAA-Compliant VPN Services
5 Best HIPAA-Compliant VPN Services

Here are some of the best HIPAA-compliant VPN services for protecting sensitive healthcare data.

Read Story
Subscribe to iFax Newsletter
Get great content to your inbox every week. No spam.

    Only great content, we don’t share your email with third parties.