Medical supply company files lawsuit after breach

Share this article:

San Jose Medical Supply Co. in California has filed a lawsuit against former employees for allegedly disclosing customer information to two competitors, which it also is suing.

How many victims? Unknown, but a San Jose Medical Supply Co. business blurb indicates the company serves thousands of customers.

What type of personal information? Full names, dates of birth, Social Security numbers, home addresses, Medi-Cal ID numbers, physician's names and contact information, prescriptions, diagnoses, disability codes and invoices.

What happened? Customer information had been collected by former San Jose Medical Supply Co. employees, officers and/or agents, according to a July 17 letter sent to victims. Allegedly, the former employees subsequently disclosed the information to Front Medical Supplies and Living Medical Equipment.

What was the response? The employees involved were fired. San Jose Medical Supply Company filed a lawsuit against the workers, as well as Front Medical Supply and Baypoint Medical Supply. A contact could not be reached to explain why Baypoint was listed in the business tort claim and not Living Medical Equipment, as referenced in the letter.

Additionally, the company added more computer security protections and protocols and updated its policies and procedures.

Details: The previous owner of San Jose Medical Supply Co. died in August 2011, and the stolen data was accessed sometime between then and December of that year. The current owner purchased the company in August 2012 and uncovered suspicious activity.

The data breach was confirmed in June following a forensic investigation. Breach alert letters were mailed out last week. The business tort claim was filed in April.

Quote: “San Jose Medical Supply Co. sincerely apologizes for this incident and regrets any inconvenience it may cause you,” owner Jesille Kuizon said in the letter. “Your privacy is very important to us, and we will continue to do everything we can to correct this situation.”

Source: oag.ca.gov, California attorney general's office, “San Jose Medical Supply – HIPAA Breach Letter,” July 18, 2013.

Share this article:
close

Next Article in The Data Breach Blog

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.