By: Richard L. Smith
Capital Health, a health care provider with multiple locations in New Jersey and Pennsylvania, has agreed to pay $4.5 million to resolve claims tied to a 2023 data breach that exposed the private information of patients, former patients, and employees.
According to a settlement notice and company statement from Capital Health, the compromised data may have included names, home addresses, Social Security numbers, dates of birth, email addresses, telephone numbers, and potentially certain clinical information.
Individuals whose information was affected may be eligible for a cash payment of up to $5,000, depending on documented losses connected to the breach.
In addition, settlement class members may qualify for three years of free credit monitoring and identity protection services. Claims must be submitted online or by mail no later than April 6.
Any payments will be distributed after the settlement receives final court approval.
Capital Health emphasized that the settlement does not constitute an admission of wrongdoing.
The organization has expressly denied any fault or liability related to the data incident.
The breach followed a cyberattack in November 2023 that caused a computer network outage within the Capital Health system. 
The incident prompted concerns about cybersecurity protections and the safeguarding of sensitive personal and medical information.