In 2016, a D.C. district court dismissed a lawsuit filed against CareFirst BlueCross BlueShield regarding its 2014 data breach, according to HIPAA Journal.
But a little over a month ago, on August 1, a D.C. appeals court overturned that decision, allowing the plaintiffs affected to move ahead with a class-action lawsuit.
When Investment Rhymes with Canada
Canada has a proud history of achievement in the areas of science and technology, and the field of biomanufacturing and life sciences is no exception.
Now, the court has granted CareFirst’s request to pause the ruling and appeal the case to the Supreme Court, reports FierceHealthcare.
In the appeal filed August 31, CareFirst noted its case presents a “substantial question” of whether the harm caused to patients due to a data breach is enough to warrant legal action.
“Even though lower courts have been forced to apply these principles to the data breach context at length in recent years as data breaches have become more frequent, the Supreme Court has yet to examine the issue of standing in the context of a data breach case,” the health insurer noted in the motion.
CareFirst believes SCOTUS should address this issue to give federal district and appellate courts additional guidance on when stolen data could actually mean future harm for individuals.
The breach, which impacted 1.1 million individuals, occurred in June 2014. But CareFirst didn’t learn about it until April of the following year. Shortly thereafter, the insurer put up a website giving information to the public.
“We deeply regret the concern this attack may cause,” CareFirst president and CEO Chet Burrell said in a statement at the time. “We are making sure those affected understand the extent of the attack — and what information was and was not affected.”
Photo: traveler1116, Getty Images
