Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
A former CareCentrix employee has filed a data breach class action lawsuit accusing the home healthcare provider of using insufficient data security methods.
Plaintiff Sarah Hapka is filing this claim, alleging that CareCentrix negligently failed to take proper data security measures to protect against hackers. The hackers had reportedly obtained the W-2 forms of 2,000 current and former workers, exposing those employees’ sensitive personal and tax information.
Overview of CareCentrix Data Security Allegations
The company is trying to shift the liability to the unknown hackers or hackers who actually conducted the data breach in March 2016. CareCentrix is arguing that a certain provision of Kansas law, the state’s comparative negligence statute, requires a jury to “apportion the fault of the fault of those responsible for an injury.”
This essentially means that CareCentrix is trying to shift the blame onto the hackers, to avoid the negligence charges. CareCentrix had argued the non parties, or the hackers, are completely responsible for the damages Hapka alleged.
However, Hapaka argues that Kansas law does not permit a party to shift its responsibility of negligence to another party if there were actions the party could have taken to prevent the harm.
Hapka’s lawyers called CareCentrix’s argument “futile and frivolous,” pointing out several Kansas Supreme Court opinions holding defendants responsible for negligence in previous cases.
Overall, Hapka states that Kansas law will not allow CareCentrix to escape the negligence allegations for the data breach. She argues that for purposes of apportioning liability, the hacker’s intentional acts and CareCentrix’s alleged negligence don’t mix.
She cites an older case in which the court rejected a truck stop’s attempt to pin liability for a stolen truck on the thief, and another case in which a school district couldn’t pass on some of its liability for negligent hiring and supervision onto a former school bus driver accused of child abuse.
The current motion is CareCentrix’s latest attempt to avoid liability in this data breach class action lawsuit. The company’s motion for dismissal was denied this past December by U.S. District Judge Carlos Murguia.
Judge Murguia rejected CareCentrix’s argument that Hapka does not have standing to bring her claims. According to his December 2016 ruling, Hapka’s allegation that her exposed information was used to file a fraudulent tax return was enough to establish standing.
Data security is a constant concern in the United States, as the personal information of employees and other personal of companies are supposed to be secure. According to the Identity Theft Resource Center, the rate of data breaches have increased by 40% in 2016, with a record of 1,093 incident reports overall.
The Data Breach Class Action Lawsuit is Hapka v. CareCentrix Inc., Case No. 2:16-cv-02372, in the U.S. District Court for the District of Kansas.
UPDATE: November 2017, the CareCentrix employee data breach class action settlement is now open. Click here to file a claim.
Join a Free Data Breach Class Action Lawsuit Investigation
Companies you entrust your personal information with are obligated to keep your information safe and secure. If you were recently notified that your personal information was compromised due to a data breach, you may qualify to file a data breach lawsuit or class action lawsuit.
ATTORNEY ADVERTISING
Top Class Actions is a Proud Member of the American Bar Association
LEGAL INFORMATION IS NOT LEGAL ADVICE
Top Class Actions Legal Statement
©2008 – 2024 Top Class Actions® LLC
Various Trademarks held by their respective owners
This website is not intended for viewing or usage by European Union citizens.