Another Lawsuit Filed Against Community Health for Data Breach | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Another Lawsuit Filed Against Community Health for Data Breach

October 8, 2014
by Gabriel Perna
| Reprints

Another lawsuit was filed against the Franklin, Tenn.-based Community Health Systems (CHS), which owns and operates 206 hospitals in 29 states, for the massive August hack of its computer network.

This is the second major lawsuit against Community for the hack, which affected 4.5 million patients when a group from China used sophisticated malware and technology to breach the company's systems. A week after the hack was announced by Community, a lawsuit emerged in Alabama against CHS and CHS-based hospitals, Riverview Regional Medical Center and Gadsden Regional Medical Center.

The latest lawsuit may be even larger in scope. Two national firms, Austin-based, Slack & Davis and Albuquerque-based The Branch Law firm, are teaming up to file a class action against CHS. It alleges that CHS failed to follow basic security procedures to make patients protected health information (PHI) hidden.

In the hack, the intruders were able to access patient names, addresses, birth dates, telephone numbers and Social Security numbers. Because of the sheer size of CHS and the nature of the breach, the incident got a lot of national attention.

“CHS systems were inadequate to deal with contemporary computer system threats. CHS was also slow to detect the breaches and take corrective action.  Finally, CHS inexcusably failed to promptly inform at-risk patients and family members of the breach,” Turner Branch, senior partner of The Branch Law Firm, said in a statement.

The law firms demanded a jury trial in the lawsuit.

The Health IT Summits gather 250+ healthcare leaders in cities across the U.S. to present important new insights, collaborate on ideas, and to have a little fun - Find a Summit Near You!


See more on