Class action lawsuit alleges Phreesia failed to protect patient data in massive breach


Margo Brodie, Chief Judge with the U.S. District Court for the Eastern District of New York | Administrative Office of the United States Courts | Wikipedia Commons

A class action lawsuit has been filed against Phreesia, Inc., accusing the software company of failing to protect sensitive patient data, resulting in a significant data breach. 

The complaint was filed on December 16, 2024, in the U.S. District Court for the Eastern District of New York by Martin Gerber, representing the estate of Phyllis Gerber and others similarly affected.

The lawsuit alleges that Phreesia, a healthcare software provider, neglected its duty to safeguard personal identifiable information (PII) and protected health information (PHI) collected through its subsidiary ConnectOnCall.com. 

This negligence allegedly led to a breach between February and May 2024 when cybercriminals accessed and locked down servers using ransomware. The breach exposed sensitive data, including legal names, demographic details, and health information of patients nationwide. 

Despite detecting unusual activity on May 12, 2024, Phreesia reportedly took over ten months to notify affected individuals.

Gerber claims the breach has caused significant harm, including loss of PII value, time spent addressing the breach’s consequences, potential identity theft risks, and other damages. He seeks actual damages, punitive damages, restitution, and statutory damages under New York General Business Law §349 for deceptive practices. 

Additionally, Gerber demands injunctive relief requiring Phreesia to strengthen its cybersecurity protocols and provide three years of identity theft protection for affected individuals.

Gerber is represented by attorneys Jason P. Sultzer and Scott E. Silberfein from Sultzer & Lipari PLLC, along with Jeffrey K. Brown and Blake Hunter Yagman from Leeds Brown Law PC. The case is being heard under Case ID 2:24-cv-08585.

Organizations Included in this History


More News

Daily Feed

Former employee accuses Halmar of wrongful termination over FMLA leave request

A former employee has filed a lawsuit against Halmar International, LLC., alleging wrongful termination in violation of the Family Medical Leave Act (FMLA).


Local

No Joke: A Family Camped Out at Midnight for Selden Chick-fil-A's Grand Open

The chain's latest restaurant to hit Long Island is located at 949 Middle Country Road.


Opinion

FROM THE NEWSROOM: Big Government Must Reduce Spending. My Family Did

Now more than ever, we need to support President Trump and Elon Musk in their mission to reduce spending and eliminate fraud, waste, and abuse from the bloated bureaucracy.