Two lawsuits have been filed in federal court in Fort Wayne seeking class-action status on behalf of patients who have had their data compromised by Medical Informatics Engineering.
The Fort Wayne-based medical software company has reported that the private information of 3.9 million people nationwide was exposed when its networks were hacked earlier this year. The compromised information includes patients' names, Social Security numbers, birth dates and addresses, The Journal Gazette of Fort Wayne reported.
The company contacted the FBI to report the data breach in May and began issuing letters to patients, letting them know which provider's information was hacked and offering them credit monitoring services, in mid-July.
The first lawsuit was filed last week by one patient, while the second lawsuit was filed Tuesday by three other patients.
Both lawsuits are similar and accuse the company of negligence. The plaintiffs argue that the company should've realized the risks associated with collecting and storing patients' personal information, and that the company had a responsibility to protect their data, according to court documents.
The lawsuits allege that Medical Informatics Engineering failed to take steps to prevent and stop the data breach, failed to comply with industry standards for safeguarding such data, and failed to properly implement technical systems or security practices, the documents said.
"Given the risk involved and the amount of data at issue, MIE's breach of its duties was entirely unreasonable," the attorneys wrote in the lawsuit.
In addition to class action status, all four patients also are seeking damages and expenses.
Eric Jones, co-founder and CEO of Medical Informatics Engineering, confirmed to the Associated Press Thursday that the company is aware of the two pending lawsuits.
"Our primary focus at this time is on responding to requests for information to those affected and helping them to enroll in credit monitoring and identity protection services," he said.