20141015__cca-l-lawsuit~p1CARLSBAD >> A class action lawsuit against Community Health Systems now includes the Carlsbad Medical Center.

Community Health Systems, the parent company of the Carlsbad Medical Center and five other New Mexico hospitals, are being sued for failing to secure patient identity information against cyber attacks.

The lawsuit was filed jointly by Slack & Davis and the Branch Law Firm. It alleges that Community Health Systems and its hospitals’ security measures weren’t up to date and that there was a delay in informing patients whose information had been compromised. The suit also makes claims for “breach of contract, unjust enrichment, negligence and violations of sate laws”, according to a news release from the two law firms. Slack & Davis is a Texas based law firm; Branch Law Firm has an office in Albuquerque.

Representatives of the Carlsbad Medical Center did not respond to requests for comment by press time.

A statement released by Turner W. Branch, senior partner of the Branch Law Firm states: “CHS systems were inadequate to deal with contemporary computer system threats. CHS was also slow to detect the breaches and take corrective action. Finally, CHS inexcusably failed to promptly inform at-risk patients and family members of the breach.”

New Mexico based Alta Vista Regional Hospital, Eastern New Mexico Medical Center, Mimbres Memorial Hospital, Mountainview Regional Medical Center and Lea Regional Medical Center are also named in the lawsuit. Community Health Systems also operates 206 other medical properties in 29 other states.

Community Health Systems first announced the breach in August.

According to an initial press release, hackers based in China were able to penetrate the company’s records in April and June using malware. The cyber attack was successful; nearly 4.5 million patient records were hacked throughout the system.

According to the company, patient identity information was compromised including names, addresses, and social security numbers.

After the initial announcement of the breach, Carlsbad Medical Center public information officer, Melissa Suggs, told the Current-Argus that the hacked records did include Carlsbad patients. Those records were of patients who had been treated over the last five years at the medical center and affiliated clinics, specifically the Pecos Valley Physicians Group.

Community Health Systems denied that any credit card information was taken. No patient medical information was accessed.

“CHS’ blatant disregard for its contract of trust with its patients—specifically ensuring that all health and personal information would be protected and secure—has harmed millions of people who are now at high risk for the serious consequences of identity theft,” said Michael Slack, Managing Partner at Slack & Davis.

Community Health Systems and its affiliate properties said in August that all affected patients were being notified by letter and the company was offering free identity theft protection for those clients whose information had been compromised.

According to its website, the Carlsbad Medical Center is a 115-bed facility with in and out patient response and offers emergency and surgical services.


Leave a Reply

Please sing in to post your comment or singup if you don't have account.