Home Industries Health Care Advocate Aurora patients seeking more than $5 million following data breach

Advocate Aurora patients seeking more than $5 million following data breach

Advocate Aurora Health's Milwaukee headquarters in Walker's Point.

Patients of Advocate Aurora Health have filed a class action complaint against the organization, seeking financial relief following a data breach earlier this month that exposed sensitive information related to approximately 3 million people in both Wisconsin and Illinois. The complaint states those affected by the breach are seeking more than $5 million in damages.

Already a subscriber? Log in

To continue reading this article ...

Subscribe to BizTimes today and get immediate access to our Insider-only content and much more.

Learn More and Subscribe Now
Ashley covers startups, technology and manufacturing for BizTimes. She was previously the managing editor of the News Graphic and Washington County Daily News. In past reporting roles, covering education at The Waukesha Freeman, she received several WNA awards. She is a UWM graduate. In her free time, Ashley enjoys watching independent films, tackling a new recipe in the kitchen and reading a good book.
Patients of Advocate Aurora Health have filed a class action complaint against the organization, seeking financial relief following a data breach earlier this month that exposed sensitive information related to approximately 3 million people in both Wisconsin and Illinois. The complaint states those affected by the breach are seeking more than $5 million in damages. According to the complaint, Milwaukee-based Advocate Aurora used a tracking pixel to collect and transmit information from its websites to third parties, including information communicated in “sensitive and presumptively confidential” patient portals and mobile apps like MyChart and LiveWell. Some patients affected by the data breach, which occurred Oct. 14, argue Advocate Aurora is responsible for the incident because the organization knowingly implemented and configured the tracking pixel to disclose the identities and communications of its patients to Facebook. “(Advocate Aurora) disregarded the rights of plaintiff and class members by intentionally, willfully, recklessly, and/or negligently disclosing its patients’ private information via the tracking pixel,” reads the complaint. “As a result (patients’) private information was compromised through disclosure to Meta, Facebook, Google and other unknown and unauthorized parties.” Among the patient data that was breached included IP addresses; the dates, times and/or locations of appointments; information about patients’ health care providers, information on types of appointments and procedures; and any communications patients had through the MyChart app. Advocate Aurora said in a notice of breach posted to its website that it has disabled and/or removed tracking pixels on patient websites and applications. "We take patient privacy very seriously, employ robust internal controls to protect patient data and are committed to compliance with all laws applicable to our operations," said Advocate Aurora in a statement. "Like others in our industry, we have used internet tracking technologies to improve the consumer experience across our websites and encourage individuals to schedule necessary preventive care. We are thoroughly evaluating the information we collect and track. As part of this evaluation and out of an abundance of caution, we have turned off pixels and related analytics tools across our online properties. We are not aware of any misuse of information arising from this incident."
Exit mobile version