Pennsylvania Hospitals and Health Systems may be Violating WESCA

 Shub & Johns LLC is investigating claims against Pennsylvania hospitals and health systems for potential violations of the Wiretapping and Electronic Surveillance Control Act. (“WESCA”). These potential violations are defined as the unauthorized disclosure of patients’ sensitive protected health information.


WESCA is a statute passed by the Pennsylvania assembly that makes it illegal to intentionally intercept any wire, electronic, or oral communication unless this interception is directly received by law enforcement for very specific criteria. Consent may also be an exception, including implied consent. Regarding exceptions however, the bar is set to be high and it is hard to overcome this threshold. A hospital/health system violates this statute by intercepting wire, electronic, or oral communication including but not limited to phone calls and computer communications without consent.

Nurse gloomily sits criss cross style against a wall, decompressing.One of these examples may include a data software that is present on a webpage and gathers information without a website visitor’s consent for the purposes of intercepting and disclosing website visitor’s electronic communications to a third party without the website visitor’s consent. These types of unauthorized data disclosures can happen to patients and other health customers in a hospital/health system context. The type of data disclosed can include anywhere from disclosing information about patients’ sensitive health information, including details about their medical conditions, prescriptions, and doctor’s appointments, and in turn, sending that information to a third party. This software may also collect IP addresses and other Personally Identifiable Information which could be linked to a specific individual or household.


WESCA Hospital Claims Intake Form



It has been reported that in recent times, many patients’ and healthcare consumers’ data across the United States has been breached or disclosed without authorization or consent. This sensitive patient is often disclosed to a third party without the patient ever knowing. If you were notified about a data breach like this or suspect that there may be an unauthorized disclosure of your sensitive private information please keep reading. Third parties may access this private patient information and either continue to disclose this type of information or even demand a ransom that the unauthorized recipients of this data would destroy any backup files of the stolen information. Millions of patients’ data if intercepted without consent and this information may include personal information such as “full names, addresses, dates of birth, phone numbers, provider name(s), date(s) of service, hospital department(s), and/or philanthropic giving history such as donation dates and amounts.”


There are many cases like this across the country. Software companies have a responsibility to ensure that the information they are paid to protect stays in the right hands. We’re here to help you fight back against software companies whose insufficient cybersecurity practices precipitate stolen personal information and unauthorized access to such data. At Shub & Johns, our attorneys specialize in representing consumers who are victims of a cybersecurity data breach.

Been Affected? Contact Us!

If you or someone you know believes your personal information may have been compromised, then let us know! Fill out the attached form and contact the Shub & Johns team today or please contact us at 610-477-8380 or Shub & Johns is a national leader in representing consumers, just like you. Our experienced class action attorneys are here to help you get justice. Contact us now! All consultations are free of charge.