ECL Group, LLC provides services for medical practices, such as billing, keeping electronic medical records (EMR), and other practice management services. This class action concerns an outage of ECL’s systems as a result of a ransomware attack.
The plaintiffs in this case are three eye-related medical practices which were customers of ECL.
The complaint alleges the contracts between the plaintiffs and ECL contained provisions for situations when ECL’s systems might be out of service. These included lengths of time in which ECL promised to fix certain issues and reductions of ECL’s monthly fees of from 10% to 50% “in the event that the EMR software was available less than 95% of the time measured over a calendar month.”
Sometime around March 2021, ECL suffered a ransomware attack, the complaint says, meaning the practices could not access patients’ records.
The complaint alleges that ECL hid the fact of the ransomware attack: “Rather than be transparent about experiencing a ransomware attack, ECL initially tried to hide what had happened from its clients in order to keep them from exercising their remedies under the EMR contracts and to avoid having to make the fee concessions required under those contracts.”
According to the complaint, ECL misrepresented what had happened, kept promising that service would be restored soon, and invoiced its customers for services it had not provided.
In fact, the complaint contends that many of ECL’s services “remain unavailable months after the outage first occurred.”
Also, under the contracts, the complaint alleges, the medical practices “are entitled to receive their own data for the purpose of transitioning to a new provider” but “ECL has continually refused to provide such data after repeated demands.”
The complaint claims that ECL sent out messages claiming the outage was a “technical issue,” and kept promising that its systems would be restored soon.
The complaint says “it took more than 30 days for ECL to restore some of the functionality and services of iMedicWare…” and that “numerous shorter outages” continued during April, while a further outage occurred in June. In the meantime, the complaint alleges, ECL continued to bill customers for their full monthly fees.
Three classes have been defined for this action:
- The iMedicWare Class is all persons and entities who contracted with ECL for EMR management services using the iMedicWare software and who have suffered outages for any period of time since January 1, 2020 due to ransomware attacks or for any other reasons.
- The myCare Integrity Class is all persons and entities who contracted with ECL for EMR management services using the iMedicWare software and who have suffered outages for any period of time since January 1, 2020 due to ransomware attacks or for any other reasons.
- The Revenue Cycle Management Class is all persons who contracted with ECL for revenue cycle management services who received delinquent revenue cycle services for any period of time since January 1, 2020.
Topic: Contract
Most Recent Case Event
ECL Group Ransomware Attack Disrupts Medical Practices Complaint
April 15, 2022
ECL Group, LLC provides services for medical practices, such as billing, keeping electronic medical records (EMR), and other practice management services. This class action concerns an outage of ECL’s systems as a result of a ransomware attack.
ECL Group Ransomware Attack Disrupts Medical Practices ComplaintCase Event History
ECL Group Ransomware Attack Disrupts Medical Practices Complaint
April 15, 2022
ECL Group, LLC provides services for medical practices, such as billing, keeping electronic medical records (EMR), and other practice management services. This class action concerns an outage of ECL’s systems as a result of a ransomware attack.
ECL Group Ransomware Attack Disrupts Medical Practices Complaint