On January 21, 2021, a judge in the Superior Court of Delaware announced a decision in the matter of Abernathy v. Brandywine Urology Consultants, in which the court found that a group of plaintiffs had no standing to bring suit for negligence and breach of contract against the urology office because the plaintiffs “had not alleged an injury” following an attempted January 2020 data breach.
After discovering their computer systems had been breached by a group of cyberattackers, Brandywine Urology sent a data breach notice to their patients, notifying their patients that their protected health information (PHI) had been “potentially compromised.” Since the PHI had not actually been accessed following an investigation, the plaintiffs did not in fact suffer injury.
