Allscripts seeks arbitration in class-action ransomware suit

09 Jul 2018 | SOURCE: Fierce Healthcare

Allscripts has asked an Illinois district judge to dismiss a class-action lawsuit filed after a ransomware attack took down the EHR vendor’s servers for a week, adding that the dispute belongs in arbitration.

The lawsuit revolves around a January cyberattack involving a new variant of the SamSam virus. The attack brought down the company’s servers in North Carolina and knocked out access for nearly 1,500 physician practices. Several of those providers reverted to paper records and reported lost revenue and canceled procedures due to the disruption.

In a court filing (PDF) last week, Allscripts argued that Surfside Non-Surgical Orthopedics, the specialty practice that filed the lawsuit, intentionally sued the parent company of Allscripts Healthcare, LLC known as Allscripts Healthcare Solutions Inc. to avoid the arbitration clause outlined in its contract with the vendor.

Allscripts Healthcare Solutions Inc. is a “non-operating holding company with only eight officers, no employees, and no products or customers,” according to the filing.

“Plaintiff apparently hopes that, by suing a party with which it has no contractual or other business relationship, it can avoid the contract that governs the provision of the services it received from LLC,” Allscripts attorneys wrote in a court filing last week.

The company added that even if Surfside sued the right company, the injury was caused by a criminal act rather than Allscripts’ negligence. The company added that it explicitly warns about the inability to prevent all cyberattacks in its annual financial filings.

“A criminal attack executed using a brand-new malware variant is precisely the kind of unforeseeable intervening act that breaks the chain of proximate causation,” the court filing stated.

In a subsequent filing, Surfside’s attorneys maintained the parent company was to blame, adding that the company’s “acts and/or admissions affected the circumstances that gave rise to the attack and its fall-out.”

Surfside originally argued that SamSam has been a known vulnerability since March 2016, and the company’s “wanton, willful, and reckless disregard” led to service disruption.

In response, Allscripts apparently couldn’t resist a dig at Surfside, and any other providers that encountered disruptions from the attack.

“Customers who had appropriate contingency plans in place—the existence of which practices may certify annually to the federal government in exchange for certain financial incentives—were minimally impacted by the attack,” the company wrote in a footnote in its motion to dismiss.

  1. They should PAY!!! As a result of them disrupting my office to transfer my account to an unproven, unprotected cloud service, I lost hundreds of non compensable manhours, thousands of dollars in lost revenue as well as the cost to set up a paper chart again for safety’s sake, losing data and patients as a result. I need to recover the lost income and expense due to their negligence!!!

  2. THey need to pay up – THis mess cost me hundreds of thousands of lost revenue, extra expenses to reconvert to paper charts and digging to find lost data. It was just fine with no issues UNTIL they decided to ‘upgrade’ and move MY office to a ‘cloud’ source – other practices on this EHR were NOT affected by this transfer and lost no data nor MONEY!!!! As solo practitioner, this nearly cost me my practice in toto!!!

Leave a Reply

Your email address will not be published. Required fields are marked *


Enter code DAShealth to view video.


Enter code DAShealth to view video.


Enter code DAShealth to view video.

Please complete the sign in form below.

[contact-form-7 404 "Not Found"]

Please complete the sign in form below.







Enter code DAShealth to view video.


Enter code DAShealth to view video.


Enter code DAShealth to view video.



Enter code DAShealth to view video.