Patient Data Allegedly Sold to Fuel Mass Tort Lawsuits

Epic Systems alleges that Health Gorilla and other health tech companies improperly accessed and shared patient records with law firms seeking plaintiffs for mass tort litigation. The claim raises serious concerns about patient privacy and the potential for commercial exploitation of sensitive medical information. This practice, if substantiated, could fundamentally alter the relationship between patients, healthcare providers, and the burgeoning health technology sector.

The allegations, recently surfaced, center around the practice of providing patient records to attorneys actively searching for individuals with specific medical conditions and diagnoses. These conditions, according to the claims, would qualify them to join ongoing mass tort lawsuits, often involving pharmaceutical products or medical devices.

The Core of the Allegation

Epic, a leading electronic health record (EHR) vendor, asserts that Health Gorilla, a company facilitating data exchange between healthcare providers, and other unnamed health tech firms, were actively soliciting and fulfilling requests for patient data. A senior official stated the requests were specifically geared toward identifying potential claimants. This suggests a deliberate effort to bypass traditional patient consent protocols and leverage medical information for commercial gain.

The alleged scheme involved identifying patients with diagnoses relevant to existing or anticipated lawsuits – such as those involving defective drugs or medical implants. Law firms, seeking to expand their client base, reportedly paid for access to this targeted patient data.

Health Gorilla’s Role and Potential Implications

Health Gorilla positions itself as a platform enabling secure and compliant health data exchange. However, Epic’s claims suggest the company may have prioritized profit over patient privacy. The allegations raise questions about the safeguards in place to prevent unauthorized access and use of sensitive medical information.

This situation highlights a growing concern within the healthcare industry: the increasing commodification of patient data. As more health information is digitized and shared, the risk of misuse and exploitation rises. One analyst noted that the current regulatory landscape may not adequately address the complexities of data sharing in the age of health tech.

The Broader Landscape of Mass Tort Litigation

Mass tort lawsuits are a common feature of the American legal system, allowing numerous plaintiffs with similar claims to sue a single defendant. These cases often involve complex medical issues and require extensive evidence to prove causation.

The alleged practice of sourcing plaintiffs through patient data brokers could significantly impact the integrity of these lawsuits. Critics argue that it incentivizes the pursuit of claims based on data-driven targeting rather than genuine patient harm.

• It raises ethical questions about the role of lawyers in actively seeking out potential clients.
• It could lead to an increase in frivolous lawsuits, burdening the court system.
• It erodes patient trust in the healthcare system.

What’s Next?

The implications of these allegations are far-reaching. Regulatory bodies, such as the Department of Health and Human Services (HHS), are likely to investigate the claims and assess whether any violations of the Health Insurance Portability and Accountability Act (HIPAA) occurred.

The outcome of any investigation could have significant consequences for Health Gorilla and other health tech companies involved. It could also lead to stricter regulations governing the sharing of patient data and increased scrutiny of the mass tort litigation industry. The case underscores the urgent need for a robust and ethical framework to protect patient privacy in the digital age.