Northwell Health agreed to settle class action litigation alleging unauthorized disclosure of patient information via website tracking tools.
Northwell Health Lawsuit Details
Northwell Health settled the lawsuit Kaplan v. Northwell Health, Inc., filed in New York State Supreme Court, Kings County, over its use of tracking codes, such as Google Analytics and Meta Pixel code, on its website that allegedly transmitted protected health information (PHI) to third parties without consent. The lawsuit alleges that such disclosure of patient data violated the Electronic Communications Privacy Act.
According to the lawsuit, data about Northwell Health patients’ past, current, or future medical conditions, which include the type and date of a medical consultation, was obtained and sent to third parties. That details can be linked with individuals through identifiers like their IP address. Third parties reading the data could infer that the person was getting treatment for a certain health condition and consulted with Northwell Health.
Northwell Health Settlement Details
Northwell Health denies denies liability for the allegations in the lawsuit and wanted to have the lawsuit dismissed, but then, all parties talked about settlement. After taking into consideration the probable cost and risk of the lawsuit, the parties reached a settlement decision.
Northwell patients who logged into Northwell’s FollowMyHealth patient portal or booked an appointment using the portal from January 1, 2020 to December 31, 2023 are eligible to receive a $15.00 cash payment and privacy monitoring services for twelve months. All other Northwell patients from January 1, 2020, to July 25, 2024 are eligible to avail the privacy monitoring services for twelve months.
The settlement provides class members the opportunity to submit claim forms by April 20, 2026, to receive benefits. Individuals may exclude themselves or object to the settlement by March 23, 2026, and a final fairness hearing is scheduled for April 21, 2026. Doing nothing means no settlement benefits will be received and it means giving up the rights.
Legal Context and Next Steps
The settlement resolves allegations that the healthcare provider’s use of third-party tracking tools on their websites may have resulted in unauthorized disclosures of sensitive patient information. The Settlement does not mean the defendant or the plaintiff is correct. It just means that a compromise is reached to end the litigation.
