The healthcare technology provider, Veradigm Inc. (earlier known as Allscripts), agreed to settle a class action litigation that was filed because of a 2024 data breach that affected sensitive patient data. The HIPAA-covered organization based in Illinois offers software programs to healthcare companies, such as electronic medical record software program and practice management software. In December 2024, cyber attackers accessed its system and likely acquired patient information that belongs to its healthcare clients. About 2 million patients were impacted. Data exposed in the incident included these data elements: names, contact details, birth dates, medical record details, insurance claim records, payment data, and other identifiers, for example, drivers’ licenses and Social Security Numbers.
Plaintiffs Tony Goodrum and Jason Mixton submitted the first class action lawsuit because of the security incident in June 2025. The lawsuit represents the plaintiffs personally and on behalf of likewise situated persons. Another class action litigation was filed afterwards, and the two litigations were combined into one lawsuit in the U.S. District Court for the Northern District of Illinois, considering that they had similar allegations.
The Goodrum, et al. v. Veradigm Inc. lawsuit claimed that the data breach was caused by negligence, and may have been averted if reasonable and proper cybersecurity procedures were carried out. Aside from negligence, the litigation mentioned claims for negligence per se, unjust enrichment, breach of implied contract, injunctive relief, and declaratory judgment.
Veradigm rejects all claims of liability and wrongdoing; nonetheless, soon after the two legal actions were filed, the organization investigated the possibility of fast resolution. With negotiation, the parties arrived at an agreement in principle to resolve the lawsuit, without admitting liability or wrongdoing. Class lawyer and the class representatives think the agreed upon settlement is acceptable and is beneficial to the class members.
The terms of the settlement agreement mention that Veradigm has decided to create a $10,500,000 settlement account to cover claims for settlement management fees, class members’ benefits, and lawyers’ fees and expenses, as authorized by the court. Class members can file a claim for approximately $5,000 as repayment of documented, unreimbursed expenses because of the data breach or, otherwise, can claim a cash payment, which is likely to be $50, though it can be higher or lower depending on the number of legitimate claims submitted. Irrespective of the choice decided on, class members could also get a membership to a health data monitoring solution for two years. Additional information about what may be claimed can be viewed at https://veradigmdatasettlement.com/
The last day to object and opt out of the settlement is February 17, 2026. Claims need to be filed on or before March 3, 2026. The final fairness hearing schedule is March 18, 2026.