The company has agreed to resolve a class action lawsuit related to the security incident, offering medical monitoring, identity theft insurance, and potential cash payments to the 34,562 individuals covered by the settlement. Notably, while the OCR portal lists 6,890 affected, the settlement class is larger, reflecting the full scope of this healthcare data breach.
Eligibility and Settlement Class Size Discrepancy
You might be wondering why the settlement class size is so much larger than the number you see on the OCR portal. This difference often raises questions for people trying to understand if they are covered by the data breach class action. Let’s break down what these numbers mean and who qualifies as a class member.

Who Is Eligible for the Settlement?
The breach was initially reported to the HHS Office for Civil Rights as involving the protected health information of 6,890 individuals. This standard HIPAA breach notification requirement is what created the original count. Those 6,890 people were directly notified about the incident on or around August 2, 2024. However, the official settlement class in this data breach class action covers 34,562 individuals.
Why the gap? The larger settlement class size typically reflects a broader definition of potential impact. While the OCR breach reporting process focused on the immediately confirmed set of affected patients, the class definition in a lawsuit often extends to anyone whose information may have been exposed or accessed in the breach. This is a common and practical legal strategy to ensure that the settlement resolves all potential claims related to the incident, covering both the originally notified group and others who might later discover risks to their data.
In practical terms, if you received a notice in early August 2024, you are almost certainly included. But even if you did not get that first letter, you could still be part of the 34,562-person class if your data was stored or processed by Calibrated Healthcare during the timeframe of the breach. Always review the official class definition provided on the settlement website to confirm your eligibility for any benefits.
Settlement Benefits: Medical Monitoring, Identity Theft Insurance, and Cash Payments
If you are part of this settlement, the benefits go beyond a simple cash payout. Because the compromised data included sensitive medical details like diagnosis and treatment information, the agreement prioritizes your ongoing security and health monitoring. You can expect a package that combines practical protection services with direct compensation.

The core of this data breach class action settlement is a two-year program of medical monitoring and identity theft insurance. This means you get access to services designed to catch any misuse of your health information early. Identity theft protection helps you spot if someone tries to use your medical records to get treatment or file false claims in your name. These services give you peace of mind without costing you anything extra.
What Medical Monitoring Services Are Provided?
Medical monitoring services help you keep an eye on your health records for suspicious activity. Since the breach exposed your medical diagnosis and treatment information, this is a crucial layer of security. The settlement covers these services for two years, giving you a long window to detect potential fraud. You will receive instructions on how to activate these services once the settlement is finalized.
How to Claim Lost Time and Documented Losses
On top of the services, you can claim a cash payment. Each eligible class member can receive a monetary payment between $21.44 and $28.68. But you can also get more. If you spent time dealing with the breach—like freezing your credit or reviewing medical bills—you can claim up to seven hours of your time at $25 per hour. That adds up to a maximum of $175 for lost time. For actual financial losses directly caused by the data breach, you can submit documentation for reimbursement up to $5,000 per class member. This data breach compensation structure ensures you are not left covering costs from a problem that wasn’t your fault.
How to File a Claim: Deadlines and Required Documentation
Now that you understand the compensation structure, the next step is to file your claim. The process is straightforward, but you must pay close attention to deadlines. All claims must be submitted by July 9, 2026. Missing this date means you forfeit your right to compensation in this data breach class action. The final fairness hearing is scheduled for August 13, 2026, where the court will decide whether to approve the settlement.
To file, you will need to complete a claim form. The form is available online through the settlement administrator’s website. Follow the claim form instructions carefully. You will need to provide your contact information and choose the type of compensation you are seeking: lost time, documented losses, or both.
What Documentation Is Needed for Lost Time Claims?
If you spent time dealing with the data breach, you can claim up to seven hours at $25 per hour, for a maximum of $175. This covers activities like monitoring your accounts, freezing credit, or dealing with identity theft issues. You do not need extensive proof for this claim, but you should provide a brief description of the time spent. Keep your own records in case the administrator requests verification.
What Documentation Is Needed for Documented Losses?
For documented losses up to $5,000, you need concrete proof. This includes receipts, invoices, bank statements, or any other documents showing expenses directly caused by the breach. Examples include fees for credit monitoring services, costs for replacing cards, or professional fees for resolving identity theft. Ensure all documents are clear and legible. Submit copies, not originals, as they will not be returned.
Remember, the claim deadline is strict. Start gathering your documents now to avoid last-minute issues. If you have questions, the settlement website provides detailed claim form instructions and contact information for the administrator. Don’t delay — your compensation depends on timely and accurate submission.
Legal Basis of the Lawsuit and Defendants’ Denial
Before you file your claim, it helps to understand the legal arguments that led to this settlement. The lawsuit brought a series of legal allegations against Calibrated Healthcare. These included negligence, invasion of privacy, breach of contract, breach of implied contract, unjust enrichment, and violations of California laws. Each allegation centered on the claim that the company failed to adequately protect sensitive patient data, leading to unauthorized access and potential harm to individuals. This data breach class action hinges on whether the company breached its duty to safeguard personal information.
Also worth a read: Texas Governor Calls for Data Centre Regulation.

Despite these serious charges, the defendants deny all claims, including fault, wrongdoing, and liability. By agreeing to the settlement, they are not admitting to any of the accusations. This is known as a settlement without admission of liability, a common practice in class action lawsuits. The class action settlement reasons here are clear: to avoid the high costs and uncertainties of a prolonged legal battle. Settlement negotiations continued after mediation, and eventually, an acceptable settlement was agreed upon. For the defendants, this allowed them to move forward without the burden of ongoing litigation. For you, it means compensation is available without a trial. Understanding this legal backdrop helps you see why the settlement structure exists as it does.
Next Steps for Class Members: Opt-Out Options and Court Approval
With the settlement structure in place, your next move is to understand your rights as a class member. This data breach class action gives you a clear choice: stay in the settlement or opt out to pursue an individual lawsuit. Knowing what each option means helps you make the best decision for your situation.
How to Opt Out of the Settlement
If you want to opt out of the class action, you must submit a written request to the settlement administrator. This preserves your right to file your own lawsuit against the company. Keep in mind that opting out means you receive no compensation from this settlement. The deadline for submitting your opt-out request will be included in your notice, so check it carefully.
What If I Haven’t Received a Notice?
If you believe you are a class member but haven’t received a notice, contact the settlement administrator directly. They can confirm your eligibility and provide you with the necessary forms. Acting quickly is important because deadlines for opting out or objecting are fixed.
The settlement has already received preliminary approval from the court. This step allows the notice process to move forward, but it does not guarantee final approval. The court will hold a final fairness hearing scheduled for August 13, 2026. At that hearing, the court will review the settlement terms, consider any objections from class members, and decide whether to grant final approval. If you have concerns about the settlement, you can file an objection with the court before the deadline. Your objection must explain why the settlement should not be approved.
Whether you stay in the settlement or opt out, understanding these steps ensures you can take control of your participation in this data breach class action. The court approval of the settlement is a key checkpoint, so staying informed about the hearing date is essential.
Frequently Asked Questions
How can class members claim monetary payments or lost time reimbursement?
You must submit a valid claim form to the settlement administrator by the deadline set in the notice. You can file online or mail a paper copy. For lost time reimbursement, you will need to document the hours you spent dealing with the breach, such as monitoring accounts or freezing credit.
Why does the settlement cover more people than the initially reported breach number?
Initial breach notifications often reflect only the individuals directly notified at the time. A class action settlement typically covers a broader group, including anyone whose information may have been accessed or exposed, even if they were not among the first notified. This ensures all potentially affected parties have a chance to claim benefits.
If the defendants deny liability, why are they settling?
Settling a data breach class action allows the defendants to avoid the cost, uncertainty, and publicity of a trial. Denying liability is a standard legal position that preserves their right to defend themselves, while the settlement provides a practical resolution for both sides. You receive compensation or benefits without needing to prove the case in court.






