NorthCare 2000 Settlement Over 2021 Data Breach Exposing Personal Health Information
Deadline
Deadline: October 11, 2025
Total Settlement Amount
Total amount allocated for all claims
Individual Payout Range
Estimated amount per eligible claim
Proof of Purchase
Claimants should provide their Class Member ID from the settlement notice if available. To claim reimbursement for out-of-pocket expenses or financial losses (up to $2,000), submit documentation such as receipts or invoices, bank/credit card statements showing unreimbursed fees or fraudulent charges, credit-freeze/credit-report/monitoring fees, and where applicable police reports or other evidence of identity theft or fraud.
Settlement Summary
NorthCare (North Oklahoma County Mental Health Center) faced a class action after a May 29, 2021 cyber incident in which unauthorized parties allegedly accessed or acquired clients’ personally identifiable information and protected health information (PHI)—the especially sensitive data handled by healthcare providers and mental health organizations. Data breaches in healthcare are common targets for ransomware and extortion because medical records contain a rich mix of identifiers (often including details beyond what a credit card leak would expose), and patients can face downstream risks such as identity theft, fraudulent billing, or privacy harms tied to diagnoses and treatment. The lawsuit claims NorthCare failed to implement reasonable safeguards to protect this information, and the settlement is significant because it offers concrete relief to affected consumers while signaling the financial consequences of weak security practices in the health sector. Eligible U.S. residents can seek up to $2,000 for documented losses fairly traceable to the incident, up to $100 for time spent responding, three years of one-bureau credit monitoring, or an alternative $125 cash payment; key deadlines include opting out by Sept. 12, 2025 and filing claims by Oct. 11, 2025, with final approval scheduled for Dec. 15, 2025. More broadly, this case fits a growing pattern of healthcare data-breach class actions that often resolve through settlements providing credit monitoring and capped reimbursements rather than admissions of wrongdoing, reflecting the difficulty of litigating causation and damages from data exposure. It also sits within a regulatory backdrop where HIPAA’s Privacy and Security Rules require covered entities and business associates to safeguard PHI through administrative, physical, and technical protections, and where organizations may face government scrutiny and breach-notification obligations in addition to private litigation, encouraging providers to invest more heavily in cybersecurity controls, vendor management, and incident response readiness.
Entities Involved
Eligibility Requirements
- You resided in the United States at the time of the incident/notice period
- Your personal information and/or protected health information was or may have been accessed or acquired in the NorthCare data incident occurring on or about May 29, 2021
- You submit a valid claim by Oct. 11, 2025 to receive benefits (no payment without a claim)
- If seeking reimbursement for losses (up to $2,000), you must show the losses were fairly traceable to the incident and provide supporting documentation
- If seeking time reimbursement, your claimed time must relate to dealing with the incident (up to 5 hours at $20/hour, max $100)
- If choosing the $125 alternative cash payment, you must not also claim reimbursement for losses, time, or credit monitoring
- You do not exclude yourself by the Sept. 12, 2025 opt-out deadline
Featured Investigations
Stay Updated
Subscribe to our newsletter for the latest settlement updates and news.
Important Notice About Filing Claims
Submitting false information in a settlement claim is considered perjury and will result in your claim being rejected. Fraudulent claims harm legitimate class members and may result in legal consequences.
If you are unsure about your eligibility for this settlement, please visit the official settlement administrator’s website using the link provided above. Review the eligibility criteria carefully before submitting a claim.
Class Action Champion is an independent information resource and is not affiliated with any settlement administrator, law firm, or court. We provide settlement information as a service to help connect eligible class members with legitimate settlements.