Case Overview

Cases: Excelsior Orthopaedics/Buffalo Surgery Center Data Breach · Eye Physicians of Central Florida Data Breach · Goldco TCPA Robotext

Types: Data Breach Class Actions · TCPA Class Action

Status: Settlements Reached

Deadlines: Vary by case — see individual entries below

3 Privacy & TCPA Class Action Settlements to Know This Spring

Three class action settlements involving healthcare data breaches and unwanted text messages have reached resolution in recent weeks. If your personal information was exposed in a medical data breach — or if you received unsolicited text messages from a precious metals investment company — you may be eligible to file a claim. Here's what you need to know about each case.

1. Excelsior Orthopaedics & Buffalo Surgery Center Data Breach Settlement

Settlement Fund: $2.4 million

Estimated Payout: Varies; potential cash payments to eligible class members

Who Qualifies: Patients whose personal or medical information was affected by the data breach at Excelsior Orthopaedics or Buffalo Surgery Center

Excelsior Orthopaedics and Buffalo Surgery Center have agreed to pay $2.4 million to settle class action litigation stemming from a data breach that allegedly exposed patients' sensitive personal and medical information. According to a report from the HIPAA Journal, the settlement resolves claims brought by patients who say their data was compromised as a result of the incident.

The lawsuit alleged that the organizations failed to implement adequate security measures to protect patient information, and that affected individuals were placed at risk of identity theft and fraud as a result. Data exposed in medical breaches commonly includes names, dates of birth, Social Security numbers, and health insurance or treatment information — categories of data that research suggests carry elevated identity theft risk when compromised.

Eligible class members may be able to claim compensation for out-of-pocket losses tied to the breach, as well as a base cash payment. Proof of qualifying expenses may be required for higher-tier claims.

How to claim: Visit the official settlement website for claim instructions and filing deadlines. Details are available through the HIPAA Journal's coverage linked above.

2. Eye Physicians of Central Florida Data Breach Settlement

Settlement Fund: Not publicly disclosed

Estimated Payout: Cash payment or credit monitoring services, depending on election

Who Qualifies: Individuals who received notice that their personal information was affected by the Eye Physicians of Central Florida data breach

Eye Physicians of Central Florida has reached a class action settlement to resolve claims related to a data breach that allegedly exposed patients' personal and medical information. According to the settlement terms, eligible class members may choose between a cash payment or enrollment in credit monitoring services — a common election structure in healthcare data breach settlements.

The lawsuit alleged that the Florida-based ophthalmology practice failed to adequately safeguard patient data, leaving affected individuals vulnerable to potential misuse of their personal information. Medical providers are subject to HIPAA's data security requirements, and plaintiffs in cases like this typically allege that insufficient technical safeguards allowed unauthorized actors to access sensitive records.

Individuals who received a data breach notification letter from Eye Physicians of Central Florida are encouraged to review the settlement terms to determine whether they may be eligible to participate. Filing a claim generally does not require proof of actual harm in settlements structured with a base cash payment option.

How to claim: Claim forms and deadline information are available through the Top Class Actions settlement page covering this case.

3. Goldco TCPA Robotext Class Action Settlement

Settlement Fund: $2 million

Estimated Payout: Pro-rata share; amount depends on class size and valid claims filed

Who Qualifies: Individuals who received unsolicited text messages from Goldco after requesting that contact stop, or while listed on the Do Not Call registry

A federal court has granted approval to a $2 million class action settlement resolving TCPA claims against Goldco, a precious metals and gold IRA investment company. The lawsuit alleged that Goldco sent automated or prerecorded text messages to consumers using the Call Loop text platform without the required prior express consent — and in some cases, after recipients had explicitly asked the company to stop contacting them.

Under the Telephone Consumer Protection Act (TCPA), businesses are generally prohibited from sending automated marketing texts without consent. Consumers listed on the Do Not Call registry are entitled to additional protections. The law allows for statutory damages of $500 to $1,500 per violation, though class action settlements typically result in pro-rata distributions that may be significantly lower on a per-claimant basis.

The plaintiff alleged that Goldco's messages were sent to individuals who had opted out of further contact — a claim the company disputed, though it agreed to settle to avoid continued litigation. Court approval of the settlement has already been granted.

How to claim: Class members who received qualifying text messages from Goldco during the relevant period should review the settlement terms and claims process for eligibility information.

Key Takeaways

• Healthcare data breach settlements frequently offer two-tier compensation — a base cash payment available to all class members, and higher reimbursement for those who can document out-of-pocket losses like credit monitoring costs or time spent addressing fraud.
• You may not need a receipt to file a claim — many data breach settlements allow claims based solely on receiving a breach notification letter, without requiring proof of financial harm.
• TCPA settlements hinge on consent and opt-out records — if you asked a company to stop contacting you and continued to receive texts or calls, that conduct may be at the heart of a qualifying claim.
• Check your mail and email inbox — class notice in data breach and TCPA cases is often sent directly to affected individuals; a notification letter may already indicate you are a potential class member.
• Court approval does not guarantee a specific payout — final distribution amounts in pro-rata settlements depend on how many valid claims are filed.

Have you filed a claim in any of these settlements? Share your experience in the comments below.

InjuryClaims.com reports on litigation developments for informational purposes only. Nothing in this article constitutes legal advice. Eligibility for any settlement or lawsuit is determined by attorneys and courts, not by this publication.