Two law firms are prepared to sue Clinical Diagnostics and the Centre for Population Screening on behalf of victims of the recent data breach. In just a few days, almost 70,000 people have already registered for a potential collective claim for damages.
Earlier this month, the Centre for Population Screening disclosed that personal and sensitive information of 485,000 participants in a cervical cancer screening program had been stolen by a group of cybercriminals called Nova.
The attackers obtained full names, addresses, dates of birth, citizens’ service numbers (BSN), test results, and the names of the participants’ healthcare providers from an external research lab.
Last week, over 405,000 women who participated in the cervical cancer screening program received a letter from the Centre for Population Screening, informing them that their data had been stolen because of a data breach at Clinical Diagnostics, the laboratory that collected and analyzed the samples of participants.
It’s considered one of the most serious medical data breaches ever in the Netherlands. That’s why two Dutch law firms are in the early stages of filing a class-action lawsuit against Clinical Diagnostics and the Centre for Population Screening.
According to Michaël Dol, lawyer at Van Diepen Van der Kroef, over 50,000 women have already registered to take part in a potential class-action lawsuit. Last Friday, his law firm launched the website datalekbevolkingsonderzoek.nl, where victims can submit a form stating they want to participate in the legal process.
DHKV Advocaten launched the website claimbevolkingsonderzoek.nl this Monday and has received over 18,000 registrations as of Wednesday morning.
The General Data Protection Regulation (GDPR) and European case law offer the option for compensation for both material damages, such as costs stemming from identity theft, extortion, or financial fraud, and non-material damages, including stress, anxiety, or loss of trust.
But what are the odds of actually getting financial compensation for what happened?
According to Stephan Mulders, a lawyer at Blenheim who specializes in privacy law, it’s often very difficult to prove that someone has suffered damages after a data breach. This is because the causal link between the data breach and any potential damages is difficult to prove. According to him, even serious privacy breaches rarely result in compensation.
Neither Clinical Diagnostics nor the Centre for Population Screening has responded to the potential class-action lawsuits that are in the making.
Your email address will not be published. Required fields are markedmarked