Medical supply company files lawsuit after breach

Share this article:

San Jose Medical Supply Co. in California has filed a lawsuit against former employees for allegedly disclosing customer information to two competitors, which it also is suing.

How many victims? Unknown, but a San Jose Medical Supply Co. business blurb indicates the company serves thousands of customers.

What type of personal information? Full names, dates of birth, Social Security numbers, home addresses, Medi-Cal ID numbers, physician's names and contact information, prescriptions, diagnoses, disability codes and invoices.

What happened? Customer information had been collected by former San Jose Medical Supply Co. employees, officers and/or agents, according to a July 17 letter sent to victims. Allegedly, the former employees subsequently disclosed the information to Front Medical Supplies and Living Medical Equipment.

What was the response? The employees involved were fired. San Jose Medical Supply Company filed a lawsuit against the workers, as well as Front Medical Supply and Baypoint Medical Supply. A contact could not be reached to explain why Baypoint was listed in the business tort claim and not Living Medical Equipment, as referenced in the letter.

Additionally, the company added more computer security protections and protocols and updated its policies and procedures.

Details: The previous owner of San Jose Medical Supply Co. died in August 2011, and the stolen data was accessed sometime between then and December of that year. The current owner purchased the company in August 2012 and uncovered suspicious activity.

The data breach was confirmed in June following a forensic investigation. Breach alert letters were mailed out last week. The business tort claim was filed in April.

Quote: “San Jose Medical Supply Co. sincerely apologizes for this incident and regrets any inconvenience it may cause you,” owner Jesille Kuizon said in the letter. “Your privacy is very important to us, and we will continue to do everything we can to correct this situation.”

Source: oag.ca.gov, California attorney general's office, “San Jose Medical Supply – HIPAA Breach Letter,” July 18, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in The Data Breach Blog

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US

More in The Data Breach Blog

About 60K transactions possibly affected in Cape May-Lewes Ferry breach

The security of card processing systems relating to food, beverage and retail sales at the Cape May-Lewes Ferry was compromised and payment card data may be at risk.

Arkansas State University-Beebe is investigating a potential breach

Arkansas State University-Beebe is notifying students and employees of a service running on one of its servers that could pose a potential breach to the system.

Unencrypted discs missing, Arizona State Retirement System notifies 44,000

Arizona State Retirement System notifies nearly 44,000 individuals enrolled in dental plans that two unencrypted discs containing their personal information are missing.