The class action lawsuit against MyChart has swiftly turned into a focal point for discussions about digital trust in healthcare. At its core is BJC HealthCare, one of the most well-known nonprofit systems in Missouri, which is charged with letting private patient information fall into the hands of powerful advertising companies. BJC sought resolution without admitting fault by agreeing to a $5.5 million settlement, which could increase to $9.25 million; however, the case highlights the precarious equilibrium between contemporary efficiency and traditional confidentiality.
The claims were strikingly obvious: MyChart users who logged in to message doctors, schedule checkups, or review test results allegedly had their activity redirected to Google and Facebook. Many people compared this to entering a reputable clinic only to find microphones concealed behind the walls. Patients were left feeling uneasy and wondering if a system that was supposed to help them had been secretly working against them.
Similar lawsuits have appeared all over the country, creating an unmistakably similar trend that is now hard to ignore. The University of Rochester Medical Center consented to $2.85 million, while Mount Sinai in New York reached a settlement of $5.25 million. Mercy Health is still being investigated, and Henry Ford Health in Michigan was the target of its own class action. When taken as a whole, these cases demonstrate how the digital transformation of healthcare has created risks that many people never saw coming, even though it has been especially helpful in making services more accessible.
Bio / Case Information Table
| Case Title | MyChart Privacy Class Action Lawsuit |
|---|---|
| Defendant | BJC HealthCare (St. Louis-based system) |
| Settlement Amount | $5.5 million (up to $9.25 million) |
| Class Period | June 2017 – August 2022 |
| Key Issue | Alleged sharing of protected health data with third parties (Facebook, Google, SiteScout, Invoca, TradeDesk) |
| Similar Cases | Mount Sinai ($5.25M), URMC ($2.85M), Henry Ford ($Undisclosed), Mercy Health (pending) |
| Claim Deadline | October 8, 2025 |
| Court | 22nd Judicial Circuit Court, St. Louis, Missouri |
| Lead Counsel | Amy Gunn (Gunn Slater), Jason Barnes & Eric Johnson (Simmons Hanly Conroy LLC) |
| Official Website | BJC Privacy Settlement |
The scope of BJC’s case is particularly extensive. Thousands of patients could join since anyone who used its MyChart portal between June 2017 and August 2022 could submit a claim. The majority will probably only get small payouts, maybe $35, but the real impact will be symbolic. For many, submitting a claim is more about stating that their dignity is not a commodity than it is about the money.
Attorneys representing the class placed a strong emphasis on accountability during settlement talks. Counsel Amy Gunn and her team made a strong case for the need to hold healthcare professionals to the highest standards, especially when patients’ trust is the unseen currency they exchange at each visit. They took a very clear stand: hospitals cannot entrust patient trust to outside trackers.
The consequences extend well beyond Missouri. We are reminded of how devastating a data breach could be by celebrities who have openly discussed health issues, such as Michael Phelps on mental health or Selena Gomez on lupus. Although they are not plaintiffs, their candor highlights the vulnerability that patients experience when personal data is handled improperly. The concern is legitimate; improper use of medical information may lead to stigmatization, targeted advertising, or even repercussions for one’s career.
Though the stakes seem much higher, observers draw comparisons between the MyChart and Cambridge Analytica scandals. Leaking therapy schedules, diagnoses, or treatments is a very different violation than leaking consumer preference data. In this situation, protecting patient privacy becomes both a moral and legal requirement.
Despite their financial nature, the settlements serve as reform catalysts. Digital tools like Google Analytics and Meta Pixel, which are very effective for retail websites but extremely problematic for health portals, are currently being pushed on hospitals to reevaluate their use. The contrast is stark: looking at the results of a cancer test should never encourage surveillance, but looking for shoes might only result in more advertisements.
These legal actions result in a strikingly successful push for transparency. The MyChart cases could lead to more precise regulations on healthcare tech partnerships, much like the Equifax hack changed the definition of credit security. Strict firewalls between marketing-driven platforms and patient portals are already being called for by advocacy groups.
The resonance of these cases is also influenced by demographics. Because they are frequently less accustomed to digital systems, older patients may feel especially deceived and have their trust significantly eroded. Even though they are used to continuous monitoring, younger patients still find it unsettling that their health information could be used to promote advertisements. Despite their differences, both groups are increasingly calling for safer, more responsible healthcare technology.
The hearing to approve the settlement will take place in St. Louis on October 16, 2025. Distributions might start later that year if everything is finalized. Patients can choose to opt out or submit claims until then; the last day to do so is October 8. The precedent is monumental, but the compensation is modest. It ushers in a new era where hospitals must embrace a deeper cultural shift toward protecting the sanctity of health data in addition to complying with regulatory checklists.
