The fallout continued Friday over the SunÕs disclosure in November that confidential patient information was being leaked from University Medical Center.
A lawsuit seeking class-action status was filed in District Court in Clark County against UMC and the man indicted by a federal grand jury in connection with the patient privacy scandal.
Henderson attorney Jesse Sbaih filed the suit on behalf of patients Rachel Cummings and Suzanne Poole.
The suit seeks to represent Òall emergency room/trauma patients who had their personal and confidential information leaked by UMC agents to third parties without their knowledge and consent from 2007 through the end of 2009.Ó
Besides UMC, the defendants include unnamed UMC trauma employees and Richard Charette, who was indicted April 28 by a federal grand jury on one count of conspiracy to illegally disclose personal health information, in violation of the Health Insurance Portability and Accountability Act, or HIPAA.
The indictment was prompted by the SunÕs investigation into an alleged conspiracy in which a UMC employee was paid for information about traffic accident victims that was used to drum up clients for attorneys.
The UMC employee faxed the registration sheets of trauma patients to Charette on at least 55 occasions and was paid about $8,000, the indictment said.
FridayÕs lawsuit said Cummings and Poole were involved in car accidents in October and both went to UMCÕs emergency room.
In January, they received letters from UMC advising them their confidential personal information may have been compromised and UMC was providing them a free one-year membership to a credit-monitoring service that would help them with identity theft protection, the lawsuit said.
The lawsuit claims UMC ÒrecklesslyÓ distributed news releases saying it was offering potential identity theft victims free credit monitoring services for one year.
ÒUMCÕs statement to the media and the general public regarding the one-year credit monitoring placed the victims of UMCÕs unlawful activities in clear and present danger of identity thieves by providing the identity thieves with notice as to the expiration of the credit monitoring subscription,Ó the lawsuit charged. ÒUnfortunately, after the expiration of the one year credit monitoring provided by UMC, an identity thief will likely endeavor to steal the identity of the victims, such as Ms. Poole and Ms. Cummings, without detection.Ó
The suitÕs allegations include violations of NevadaÕs medical privacy law, invasion of privacy, violation of NevadaÕs Deceptive Trade Practices Act, breach of contract, breach of fiduciary duty, conspiracy, and negligent training and supervision of employees.
A hospital spokeswoman said she couldnÕt comment on the allegations Friday.
Hospital officials told the Sun in November that they had heard rumors of patient data being leaked from the hospital, but said they had found no evidence of it. The FBI launched its investigation after the SunÕs report, and the hospital then acknowledged the leak.steve.green@lasvegassun.com / 990-7714
Copyright 2010 Las Vegas Sun
