Quest Diagnostics and Connexin Software to Settle Their Lawsuits

by

California Attorney General Rob Bonta has declared that a $5 million settlement with Quest Diagnostics has been reached to fix allegations that it is unlawfully dumping hazardous and medical waste materials and disposed of the unredacted personal health information of patients in typical trash dumps. An investigation of the business protocols of Quest Diagnostics was carried out. The investigation involved 30 inspections at four Quest Diagnostic Laboratories and a few of its patient service centers established in California to find out if Quest Diagnostics was compliant with the Medical Waste Management Act, Unfair Competition Law, California’s Hazardous Waste Control Law, and civil laws that do not allow the disclosure of the personal information of Californians.

The inspections included assessments of the contents of compactors at Quest facilities which saw hundreds of containers of chemicals such as reagents and bleach, and electronic waste and batteries. The dumpsters likewise comprised medical waste for instance specimen containers that have blood and urine, dangerous waste like combustible liquids, solvents, and batteries, and unredacted medical data.

Quest Diagnostics was advised about the discoveries of the reports and appointed an independent environmental auditor to analyze its waste disposal guidelines and measures, which are now revised. Workforce training on the revised policies and procedures was offered in all four laboratories and around 600 patient service clinics in the state to be sure of whole compliance with California legislation.

Quest Diagnostics regards patient data privacy and environmental protection as a serious matter and has made considerable investments to apply industry guidelines to make sure unsafe waste, medical waste, and confidential patient records are dumped appropriately. Investments include employing modern innovations for the treatment of biological waste products, secured destruction of patient data, programs to increase recycling endeavors and reduce waste-to-landfill dumping, waste-to-energy treatment of nonrecyclable wastes, and better waste audit and inspection steps to ensure extended compliance with pertinent legal guidelines.

The settlement involves $700,000 in expenses, $3,999,500 in civil monetary fines, and $300,000 for a Supplemental Environmental Project to assist environmental training and enforcement in California, and injunctive relief that requires Quest Diagnostics to retain an environmental compliance plan and get a third-party waste auditor to do annual audits and report its status. The civil monetary penalties will be divided between 10 California counties. The investigation was a venture of the office of Attorney General Bonta and the District Attorney’s offices in Monterey, Alameda, Los Angeles, Orange, San Joaquin, Sacramento, San Bernardino, San Mateo, Yolo, and Ventura counties.

Quest Diagnostics’ illegal dumping of harmful medical waste and patient records puts people and communities at risk. The message of the settlement today is clear that the Attorney General’s office will hold firms, including medical services providers, answerable for breaches of state environmental and privacy regulations.

Kaiser Foundation Health Plan Foundation Inc. and Kaiser Foundation Hospitals were at the same time investigated because of their waste disposal practices and were equally discovered to have incorrectly disposed of unsafe waste, medical waste, and patient info, breaking state rules. The case was paid out for $49 million in September 2023.

Connexin Software Proposes to Settle Class Action Lawsuit Settlement to Avert Bankruptcy

Connexin Software, which is also known as Office Practicum, has suggested paying $4 million to resolve a combined class action lawsuit associated with a 2022 data breach that affected about 3 million people. Office Practicum provides pediatric-specific health information technology solutions to healthcare companies, such as electronic health records, practice management software programs, business analytics applications, and billing services.

On August 26, 2022, Connexin Software reported it noticed a data anomaly in its internal network, and the following forensic investigation established that an unauthorized third party had provided an offline set of patient information that was employed for data conversion and troubleshooting. The exposed information included the PHI of 2,675,934 patients, mostly kids. The breached data contained names, email addresses, parent/guardian names, guarantor names, dates of birth, medical insurance data, medical and treatment details, Social Security numbers, and billing and claims details.

Connexin Software is facing a few class action lawsuits soon after it publicized the breach. Nine of the lawsuits were consolidated into one class action lawsuit because they all presented similar claims, which included a claimed inability to employ reasonable and suitable security procedures to safeguard patient records. Children’s information is notably invaluable to cybercriminals since it may be misused for several years. The victims sustained a breach of privacy and prompt and long-term problems of fraud, identity theft, , misappropriation of health insurance benefits, and other misuses. The plaintiffs asserted that the attacker might as well offer the data of children to human trafficking groups.

The settlement is ideal for all parties affected. The plaintiffs could file for a refund of out-of-pocket payments and Connexin Software will avoid additional legal expenditures. Connexin Software said to the judge when completing the preliminary settlement that in the event the lawsuit had gone on much further, the firm would have no alternative except to file for bankruptcy.

All parties have accepted the planned settlement, which has obtained preliminary authorization from a Pennsylvania federal court judge. The plaintiffs and class members were presented with three selections: three years of expanded identity theft protection services and a $1,000,000 identity theft insurance policy coverage; repayment for unreimbursed out-of-pocket costs up to a maximum of $7,500 for every class member; or a flat-fee cash payment, the exact amount of which is going to be confirmed according to the claims acquired. Connexin Software has additionally decided to invest $1.5 million in its information security process to better secure patient records down the road. Legal representatives for the plaintiffs and class members would like close to $1.3 million in service fees.

The parties knew each other’s good and bad points because of the court’s judgment on Connexin’s partial motion to dismiss, their exchange of a large number of pages of docs, about a dozen depositions, and mediation-linked discovery and analysis focused on Connexin’s finances. In place of extending the case, plaintiffs have gotten to a settlement that will promptly give them and class members substantial benefits for their injuries due to the data security incident. The settlement is currently awaiting the unscheduled final hearing.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. Follow on Twitter: You can follow Elizabeth on twitter at https://twitter.com/ElizabethHzone