Individuals affected by the massive data breach at Sutter Health, in which the personal information of 4.2 million patients went missing when an unencrypted desktop computer was stolen, have filed a class-action lawsuit against the Northern California-based health care system, according to a report in The Sacramento Bee.
The suit, filed Monday in Sacramento Superior Court, contends that the company was negligent in securing its computer systems and in notifying victims about the incident.
The computer was stolen Oct. 17, but impacted patients weren't alerted until about a month later.
The Bee report, citing a Sutter spokesman, said the company wouldn't comment on the lawsuit but that it needed time to investigate the incident before notifying those affected.
Last week, the company said it plans to expedite plans to encrypt all desktops.
"[Sutter] has already encrypted portable laptops and Blackberries systemwide, and was in the process of encrypting desktop computers throughout the system when the theft took place," a notice to patients said.