Lawsuit Filed Against Geisinger Following Massive Data Breach

DANVILLE, Pa. (WTAJ) – WTAJ is reporting… A class action lawsuit has been filed against Geisinger and a Microsoft company – demanding $5 million to compensate patients for a data security breach.

A former patient, James Wierbowski, filed the lawsuit individually and on behalf of more than 1 million impacted Geisinger patients, claiming that a former Nuance Communications employee accessed their private health information.

Nuance, which is owned by Microsoft, provides AI-powered healthcare IT services for about 10,000 healthcare organizations globally, including Geisinger, according to the lawsuit.

In the lawsuit, Wierbowski claims that Geisinger, a Pennsylvania healthcare system based in Danville, discovered that a former Nuance employee, Max Vance, accessed patient information two days after being fired. The lawsuit also alleges that after being notified of the data breach, Nuance removed Vance’s access to records.

The data breach was allegedly discovered on November 29, 2023. According to the lawsuit, various patient information, including names, date of birth, address, admit and discharge or transfer code, medical record number, race, gender, phone number, and facility name abbreviation information, were accessed.

Wierbowski alleges that patients were not notified of the data breach until six months after it occurred and warned that criminals can use stolen patient health information to sell on the black market.  Geisinger posted an official notice on June 24. In the press release, Geisinger reports that law enforcement investigators asked Nuance to delay notifying patients of the incident.

About The Author