Ambulatory surgery center lawsuits are civil cases filed against surgical facilities that operate outside hospital settings, alleging harm through data breaches, billing fraud, unsafe practices, or medical malpractice. These cases have increased significantly in recent years, with recent settlements exceeding $1 million for data breaches alone and larger awards addressing systemic billing violations. In 2026, the Ambulatory Surgery Center of Westchester in Mount Kisco, New York, received preliminary court approval for a $527,500 settlement over a November 2023 data breach that exposed patient names, Social Security numbers, driver’s licenses, medical records, and financial account information—affecting class members who could receive up to $5,000 in documented losses.
Ambulatory surgery centers (ASCs) are medical facilities designed to provide surgical and diagnostic procedures without requiring hospital admission. They range from single-specialty practices focused on orthopedic or cosmetic procedures to multi-specialty centers handling everything from endoscopies to major surgeries. Unlike hospitals, ASCs operate under less stringent federal oversight in some areas, and this regulatory gap has become a focal point in recent litigation. Lawsuits against ASCs fall into several categories: data security breaches, billing fraud, medical malpractice, and infection control failures—each carrying different legal standards and potential damages.
Table of Contents
- What Are the Main Types of Ambulatory Surgery Center Lawsuits?
- Data Breaches and Patient Privacy Violations at ASCs
- Medical Malpractice and Surgical Complications at Ambulatory Centers
- False Claims Act Violations and Billing Fraud
- Infection Control Failures and Communicable Disease Exposure
- Who Can Sue an Ambulatory Surgery Center and What Damages Are Available
- Recent Trends and What Patients Should Monitor
- Conclusion
What Are the Main Types of Ambulatory Surgery Center Lawsuits?
The primary categories of ASC litigation reflect the different operational risks these facilities face. Data breach lawsuits have dominated recent settlements, with the Island Ambulatory Surgery Center reaching a $1,000,000 preliminary settlement in October 2025 for a July 2023 breach affecting patient personal information. False Claims Act suits, typically brought by the federal government or whistleblowers, allege improper billing practices or fraudulent arrangements—such as Meridian Surgical Partners’ $5.1 million settlement involving below-market-value physician investments in ASCs with inflated returns. Medical malpractice claims arise from surgical errors, anesthesia complications, or inadequate patient monitoring, while infection control cases address systemic safety failures that expose patients to serious diseases.
The distinction between these categories matters legally because each carries different burdens of proof, damages calculations, and potential for class action status. A data breach typically qualifies as a class action because it affects a large group of identifiable patients simultaneously, making individual lawsuits impractical. False Claims Act violations are often brought under qui tam provisions, allowing whistleblowers to sue on behalf of the government and share in recoveries. Medical malpractice claims are usually individual cases with specific causation requirements, though clusters of errors at a single facility can support more complex litigation. The Anesthesia Management Company’s $7.2 million False Claims Act settlement in April 2022, involving 18 affiliated ASC entities, demonstrates how regulatory violations can span multiple locations and create broader liability.
Data Breaches and Patient Privacy Violations at ASCs
Data security breaches have generated the largest recent settlements against ambulatory surgery centers. The Ambulatory Surgery Center of Westchester settlement represents the current benchmark: a $527,500 recovery for a single breach affecting what appears to be a moderate-sized patient population. The breach exposed sensitive identifiers—names, Social Security numbers, driver’s licenses, dates of birth—alongside medical information and financial account details, creating compounded risk for identity theft and medical fraud. Class members with documented losses could recover up to $5,000, though actual distributions typically depend on the number of claims filed and the documented impact on each claimant.
A critical limitation in data breach cases is the causation standard: plaintiffs must usually show either actual identity theft or misuse of their information, or demonstrate they paid for credit monitoring and fraud protection services. Some courts have rejected data breach claims where plaintiffs could not prove concrete injury beyond the breach itself, meaning not every patient affected by a breach will recover damages. The Glendora Surgery Center breach discovered December 3, 2025—affecting a four-day window from November 29 to December 3—illustrates how even brief exposure periods can trigger notification obligations and litigation. The facility reported the breach to the U.S. Department of Health and Human Services on March 27, 2026, a delay that may itself become a litigation point regarding timely disclosure obligations.
Medical Malpractice and Surgical Complications at Ambulatory Centers
Medical malpractice cases against ASCs often involve serious injuries or deaths resulting from surgical errors, anesthesia mismanagement, or inadequate post-operative care. The Memorial Ambulatory Surgery Center lawsuit filed in March 2026 illustrates the severity of potential claims: a 48-year-old patient, Joy Barbera, died on August 13, 2025, after undergoing six plastic surgery procedures in a single day. The lawsuit names the surgery center itself, the surgeon (Dr. Kendall Roehl), the anesthesiologist (Dr. Yiu-Hei Ching), and two nurses—establishing multiple parties potentially liable for cumulative negligence in scheduling, anesthesia management, and patient monitoring.
The medical and legal question underlying this case is whether an ASC adequately assesses the cumulative risk of performing multiple major procedures on one patient without hospital-level ICU resources for potential complications. The distinction between hospital and ASC malpractice claims centers on standard of care expectations. ASCs are not equipped with intensive care units, blood banks, or 24-hour surgical teams—factors that establish lower baseline expectations in some contexts but also mean complications may escalate faster due to limited resources. A warning specific to multi-procedure cases: ASCs conducting multiple surgeries on a single patient face heightened scrutiny regarding cumulative anesthetic exposure, patient fatigue, and the facility’s ability to manage unexpected complications. Unlike hospitals, ASCs must discharge patients the same day in most cases, which can create pressure to proceed with scheduled procedures even when patient condition suggests waiting would be safer.
False Claims Act Violations and Billing Fraud
Billing fraud and improper financial arrangements have generated the largest ASC settlements beyond data breaches. The Meridian Surgical Partners settlement ($5.1 million) centered on alleged violations of the Anti-Kickback Statute—federal law prohibiting payments that encourage patient referrals. The specific alleged violation involved referring physicians investing in ASCs at below fair market value, then receiving inflated returns, effectively converting referrals into investments with guaranteed returns. This structure violates the Anti-Kickback Statute because the investment terms are arranged to reward the physician for referring patients to the ASC rather than representing a genuine business investment.
The Anesthesia Management Company case involved a broader scheme across 18 affiliated ASC entities, resulting in a $7.2 million settlement in April 2022. These cases demonstrate how regulatory violations often span multiple locations, and a single whistleblower with access to company-wide practices can expose systemic fraud affecting numerous facilities. A comparison worth understanding: medical malpractice requires proving a specific injury from a specific mistake at a specific facility, but False Claims Act cases can proceed on statistical patterns of improper billing or arrangements across dozens of locations. The government or whistleblower need not prove individual patient harm—only that the ASC submitted claims to Medicare, Medicaid, or other federal payers while engaged in prohibited conduct.
Infection Control Failures and Communicable Disease Exposure
Infection control failures represent a growing litigation category, with Health Plus Surgery Center in Saddle Brook, New Jersey, facing a pending class action alleging exposure of over 3,000 patients to HIV, hepatitis B, and hepatitis C. The lawsuit alleges multiple systemic failures: improper drug storage, an outdated infection control plan, and unacceptable sterilization practices. These allegations address the most serious potential harms from ASC operations—not financial loss or information exposure, but actual physical danger from infectious disease.
A critical limitation and warning regarding infection control cases: they require forensic investigation by medical experts to establish whether actual transmission occurred, not merely exposure risk. A patient alleging exposure to HIV may need to prove that the ASC’s specific failure created a realistic transmission pathway—for example, demonstrating that contaminated instruments came into direct contact with open wounds. The class size for Health Plus (3,000+ patients) reflects the scale of exposure risk, but the actual number of class members with recoverable claims depends on proving either seroconversion (actually contracting disease) or, in some jurisdictions, the cost of ongoing medical monitoring. This distinction means exposure cases often settle for substantial amounts but with complex claims administration and individual medical reviews for each claimant.
Who Can Sue an Ambulatory Surgery Center and What Damages Are Available
Ambulatory surgery center lawsuits fall into two principal categories regarding who can bring claims: patients alleging direct harm (data breach, infection exposure, malpractice) and the government or whistleblowers alleging regulatory violations (billing fraud, kickback schemes). Individual patients typically must establish direct injury—either concrete harm (infection, identity theft) or reasonable costs incurred (credit monitoring, additional medical care). Class action lawsuits consolidate numerous patients into a single suit, necessary when individual claims are small but aggregate harm is large, such as the data breaches where thousands of patients each suffered information exposure but individual losses might range from $0 to $5,000. Damages in ASC cases vary significantly by type.
Data breach settlements typically include compensation for documented losses, reimbursement for monitoring services, and sometimes a base award per class member. Medical malpractice damages encompass medical expenses, lost wages, pain and suffering, and in fatal cases, wrongful death damages covering lost economic support and loss of consortium. False Claims Act cases result in government recoveries, with whistleblowers receiving 15-30 percent of the settlement. Infection exposure settlements often require ongoing medical monitoring funds, in addition to compensation for actual disease transmission or serious infections, recognizing that some patients may not show symptoms for months or years.
Recent Trends and What Patients Should Monitor
The pattern of recent ASC litigation shows accelerating attention to facility oversight and patient safety. The Glendora Surgery Center breach (December 2025) and the Ambulatory Surgery Center of Westchester settlement (March 2026) fall within a tight timeline, suggesting regulatory agencies and plaintiff lawyers are identifying data security failures more quickly and litigating them more aggressively. Medical malpractice cases involving multi-procedure scheduling—exemplified by the Memorial Ambulatory Surgery Center death—may establish new precedent regarding facility responsibility to refuse or delay procedures when cumulative risk becomes excessive. The Health Plus infection control case, still pending, will set important standards for demonstrating causation in infection exposure cases, potentially making it easier for future plaintiffs to pursue similar claims.
Ambulatory surgery centers continue to grow as a segment of healthcare delivery, driven by cost pressures and patient preference for same-day procedures. This expansion creates both opportunity for legitimate surgical care delivery and risk of regulatory shortcuts. Future litigation will likely address emerging issues such as robotic surgery capability and training at smaller facilities, telehealth monitoring inadequacy for post-operative patients discharged to homes far from the ASC, and cybersecurity standards as ASCs integrate more digital record systems. Patients considering procedures at ASCs should verify facility accreditation status (typically through AAAHC or similar organizations) and ask whether the facility has experienced prior safety incidents, malpractice claims, or regulatory sanctions—information increasingly available through state licensing boards and federal databases.
Conclusion
Ambulatory surgery center lawsuits have emerged as a major litigation category spanning data security, billing fraud, medical malpractice, and infection control. Recent settlements including the Ambulatory Surgery Center of Westchester ($527,500), Island Ambulatory Surgery Center ($1,000,000), and the Meridian Surgical Partners False Claims case ($5.1 million) demonstrate that federal and state regulators, along with private plaintiffs, are actively pursuing ASC liability. The diversity of these cases—from information breaches affecting thousands of patients to specific surgical errors causing death—reflects the complexity of regulating facilities that operate with less oversight than hospitals while handling serious medical procedures.
If you underwent a procedure at an ambulatory surgery center and subsequently experienced complications, data breach notification, or evidence of improper billing, you may have grounds for legal action. The first step is consulting with an attorney experienced in healthcare litigation who can evaluate your specific situation, determine applicable law in your jurisdiction, and advise on potential recovery. Settlement amounts and eligibility criteria vary significantly by case type, so early legal review is essential to understanding your rights and applicable deadlines.