Subscribe To Our Newsletter
Subscribe To Our Newsletter
St. Joseph Hospital of Nashua, New Hampshire, has agreed to a $1.25 million class action settlement following allegations that the healthcare provider compromised patient privacy by installing hidden data-tracking tools on its online medical portal.
The legal dispute, titled Fiorillo et al. v. St. Joseph Hospital of Nashua, N.H., is currently moving through the Superior Court of Hillsborough County, New Hampshire, under case number 226-2025-CV-00138. The class action lawsuit was originally filed on March 11, 2025, after digital privacy advocates and patients discovered that invisible web-tracking mechanisms, commonly referred to as tracking pixels, were embedded across the hospital’s patient-facing digital frameworks.
According to the legal complaint, St. Joseph Hospital actively allowed these surveillance codes to run inside its secure MyChart patient portal. When everyday people logged into their accounts to view private laboratory results, request prescription refills, or schedule medical appointments, the secret tracking tools allegedly intercepted their interactions. The lawsuit claims this setup actively wiretapped and transmitted patients’ protected health information (PHI) and personally identifiable information (PII) directly to Microsoft for corporate advertising and targeted marketing campaigns.
The effort to hold the healthcare network accountable for its digital security oversights has rapidly progressed through the New Hampshire judicial system. On April 30, 2026, a state judge granted preliminary approval to the $1,250,000 settlement agreement, moving affected consumers one step closer to financial recovery.
However, before cash payments can be officially distributed to the community, the court must host a final review. The judge has scheduled a final approval hearing for September 14, 2026, to determine whether the proposed terms are entirely fair and adequate. If the court grants final approval, and any subsequent legal appeals are completely resolved, the settlement administrator will begin distributing checks and electronic payments to approved claimants.
The legal strategy behind the lawsuit relies heavily on state-level consumer protection frameworks and strict telecommunication laws. Healthcare providers have a strict statutory duty to handle patient data with absolute confidentiality. The lawsuit specifically alleged that St. Joseph Hospital explicitly violated the New Hampshire Wiretapping and Eavesdropping Statute by allowing an unauthorized third party to look over patients’ shoulders while they navigated their private medical files.
Under federal and state privacy standards, healthcare organizations are strictly barred from sharing patient identities or treatment details without explicit, written authorization. Plaintiffs argued that by integrating Microsoft tracking technology into a secure medical portal, the hospital effectively sold out patient privacy. While St. Joseph Hospital continues to deny all allegations of wrongdoing and maintains that it did not break any laws, the organization ultimately chose to settle the litigation to avoid the mounting expenses, stress, and unpredictable risks of a prolonged courtroom trial.
The use of tracking pixels in a healthcare environment is uniquely invasive because of the specific information these snippets of code harvest. When you browse a standard retail website, a pixel tracks clothes or home goods; when embedded in a MyChart patient portal, it tracks your personal health choices.
The lawsuit asserts that the hidden code captured a wide array of personal and clinical data points. The intercepted datasets allegedly included patient names, physical addresses, specific medical search queries, clinical diagnoses, records of clicked links, and communication logs with medical staff. This meant that if a patient researched treatments for a sensitive chronic illness or viewed a particular laboratory report, that specific behavior was packaged and transmitted to corporate servers, creating detailed digital profiles that could be weaponized for targeted medical advertisements.
If you are an eligible consumer caught up in this tracking pixel incident, the settlement provides a direct, accessible route to financial compensation. The $1.25 million settlement fund is structured to distribute flat cash payments directly to everyday people.
Every qualifying class member who submits a timely and valid claim form is eligible to receive a $50 cash payment. Because the legal team aimed to design a consumer-first claims process, there is no proof of loss or documentation required to secure your payout. You do not need to show proof of identity theft or receipts to qualify for the money. However, consumers should keep in mind that the final individual reward could eventually be adjusted slightly higher or lower on a pro rata basis, depending entirely on how many valid claims are submitted before the official deadline.
Are you wondering if your digital privacy was compromised and whether you are included in this million-dollar settlement group? The settlement class is defined by a specific window of time and portal usage.
According to the official court records, you may be eligible to participate and claim your $50 payment if you are an individual who used a MyChart patient portal account associated with St. Joseph Hospital of Nashua, New Hampshire, at any time between January 1, 2023, and the present. The settlement administrator estimates that the total scope of the settlement class includes approximately 69,000 current and former hospital patients.
To receive your $50 settlement payment, you must actively complete and submit a claim form. The hospital will not automatically mail you a check simply because you used their patient portal during the breach window.
The official, court-approved website is now fully live and accessible at StJosephPixelSettlement.com. Thousands of affected individuals have already been sent formal settlement notices via mail or email containing a unique Class Member ID. To submit your claim online, you can simply visit the portal, type in your class ID, and select your preferred payout option, such as a paper check or an electronic transfer. If you did not receive a notice but believe you belong in the class, or if you prefer to file using physical paperwork, you can download a PDF version of the claim form from the site, fill it out by hand, and mail it to Kroll Settlement Administration LLC.
When pursuing corporate accountability, missing a legal deadline means permanently forfeiting your right to a recovery. The settlement framework outlines several strict dates that affected consumers must carefully observe.
If you wish to exclude yourself from the deal to preserve your right to file an independent lawsuit against the hospital, you must submit an opt-out request by July 30, 2026. The same date applies if you wish to formally object to the terms of the deal in writing. For the vast majority of consumers who wish to stay in the class and receive the $50 cash benefit, all completed claim forms must be successfully submitted online or postmarked no later than August 14, 2026.
New cases and investigations, settlement deadlines, and news straight to your inbox.
