Residents could be reimbursed for costs of hospital data breach

Residents may be eligible for part of a settlement following the recent data breach at Grays Harbor Community Hospital.

Numerous residents received notification in the mail that they could receive reimbursement for costs related to the breach of patient data at Grays Harbor Public Hospital District #2 from summer 2019.

“The Lawsuit claims that Grays Harbor was responsible for the Data Incident and asserts claims such as: violation of the Washington State Uniform Healthcare Information Act; violation of the Washington State Consumer Protection Act; negligence; intrusion upon seclusion/invasion of privacy; violation of the Washington State Constitution’s right to privacy; breach of express contract; and breach of implied contract. The Lawsuit seeks, among other things, payment for persons who were injured by the Data Incident.”

A website has been set up specifically for the class-action lawsuit settlement that outlines the settlement details, and states in Grays Harbor Superior Court documents that a total of $185,000 has been made available for residents who were impacted by the breach.

“The Court did not decide in favor of the Plaintiff or Grays Harbor. Instead, the Plaintiff negotiated a settlement with Grays Harbor that allows both Plaintiff and Grays Harbor to avoid the risks and costs of lengthy and uncertain litigation and the uncertainty of a trial and appeals.”

In the court paperwork, anyone who takes part in the settlement who submit a valid claim is eligible for out of-pocket expenses, not to exceed $210 a person, that were incurred as a result of the Data Incident: 

In addition, Grays Harbor shall reimburse up to $2,500 per settlement member for other costs that occurred as a result of the data breach not already covered if reasonable efforts were made. Claimants must have exhausted all credit monitoring insurance and identity theft insurance before Grays Harbor is responsible for any of those larger payouts.

This includes bank fees, long distance phone charges, cell phone or data charges, postage, or gasoline for local travel; fees for credit reports, credit monitoring, or other identity theft insurance product, up to three hours of documented lost time spent dealing with the incident, and other costs..

According to the settlement agreement, the local hospital has already spent at least $300,000 in improved information security enhancements since the incident, and will commit to spending at least another $60,000 in information security enhancements in each of years 2020, 2021, and 2022.

There is no obligation to take part in the settlement and payments are not automatic if you received a letter.

Those interested in being a part of the settlement must submit a claim by December 23, 2020, or residents could exclude themselves or opt-out by July 27, 2020.

Taking part in the settlement removes  your right to sue Grays Harbor for the claims being resolved by the settlement.

“Grays Harbor has denied and continues to deny all of the claims made in the Lawsuit, as well as all charges of wrongdoing or liability against it.”

Settlement website: