Your final payment from the Staten Island University Hospital data breach settlement depends primarily on which claim option you choose and how many other class members file valid claims. If you were among the 35,106 individuals whose protected health information was compromised through the Medibase Group breach, you can receive either a flat $35 cash payment with no paperwork required, or up to $1,000 in documented out-of-pocket expense reimbursement. For someone who spent $200 on credit monitoring services after learning their Social Security number was exposed, that reimbursement option is clearly the better route — but only if you have the receipts to prove it.
Beyond the dollar amounts, several less obvious factors will shape what actually lands in your account. The total number of valid claims filed by the March 16, 2026 deadline directly affects individual payouts through pro rata reduction, meaning if an unexpectedly high number of the 35,106 affected individuals file claims, everyone’s check could shrink.
Table of Contents
- What Determines Your Staten Island University Hospital Settlement Payout Amount?
- How the Medibase Data Breach Created This Settlement — And Why It Matters for Your Claim
- Documented Expenses — What Qualifies for the $1,000 Maximum Reimbursement
- Flat $35 Payment vs. Documented Claim — Which Option Should You Choose?
- Why Pro Rata Reduction Could Lower Your Payment — And How Likely That Is
- Critical Deadlines You Cannot Miss
- The Broader Context — SIUH’s Settlement History and What Comes Next
- Frequently Asked Questions
What Determines Your Staten Island University Hospital Settlement Payout Amount?
Four primary factors control what you receive from this settlement. First and most significant is your claim type: the no-documentation $35 flat payment versus the documented expense reimbursement up to $1,000. Second is the total number of valid claims submitted across all 35,106 eligible class members. If claims exceed the settlement fund’s capacity, payouts get reduced proportionally. Third is the quality and completeness of your documentation if you pursue the higher reimbursement. Fourth is the nature of what was exposed in your specific case — someone whose Social Security number and financial data were compromised likely incurred more documentable expenses than someone whose only exposed information was hospital admission dates.
To put this in practical terms, consider two class members. One files the flat $35 claim and receives payment with no further effort. The other spent $150 on a credit monitoring subscription, $50 on notarized identity theft affidavits, and four hours dealing with a fraudulent credit inquiry that resulted from the breach. With proper documentation, that second person could claim the full amount of those expenses. However, if the number of documented claims exceeds projections, even that well-documented claim could be reduced on a pro rata basis. The flat $35 payment carries the same pro rata risk, but its lower amount makes reduction less likely to be meaningful.
How the Medibase Data Breach Created This Settlement — And Why It Matters for Your Claim
The breach itself originated not at staten island University Hospital directly, but at The Medibase Group Inc., a business associate that provided healthcare solutions and technical assistance to SIUH. In January 2024, an unauthorized third party accessed Medibase’s systems. SIUH was not notified until approximately May 8, 2024 — a gap of roughly four months. The compromised data included names, Social Security numbers, dates of birth, medical information, health insurance details, and in some cases hospital admit and discharge dates along with outstanding balances. The lawsuit, Santiago et al. v.
Staten Island University Hospital, resulted in this settlement. Why does the breach’s origin matter for your payout? Because the type of data exposed in your particular case affects your ability to document losses. If your Social Security number was compromised, you have a much stronger basis for claiming expenses related to credit monitoring, identity theft protection, or time spent freezing and unfreezing credit reports. However, if your exposed data was limited to medical information or hospital dates without financial identifiers, you may find it harder to document out-of-pocket losses that were directly caused by the breach. In that scenario, the $35 flat payment might be your most realistic option. SIUH denies all claims of wrongdoing, fault, and liability, but agreed to settle to avoid the costs and disruption of continued litigation. The hospital has also confirmed it no longer conducts business with Medibase.
Documented Expenses — What Qualifies for the $1,000 Maximum Reimbursement
The up-to-$1,000 reimbursement option covers documented, unreimbursed out-of-pocket expenses that were directly caused by the data breach. This typically includes costs like credit monitoring services you purchased after the breach notification, fees for credit freezes or fraud alerts, costs associated with obtaining credit reports, expenses for notarized documents related to identity theft, and in some cases lost time spent dealing with fraud if the settlement terms allow hourly compensation for that time. The key word is “unreimbursed” — if your bank already refunded a fraudulent charge, you cannot claim that amount again through the settlement. For a concrete example, suppose you received the breach notification in mid-2024 and immediately signed up for a $15-per-month identity monitoring service.
By the time you file your claim, you have accumulated roughly $270 in monitoring costs over 18 months. You would need to submit proof of those charges — credit card statements, subscription receipts, or bank records — along with your claim form. If you also paid $30 for expedited replacement of a compromised insurance card and $25 in postage for certified mail to credit bureaus, your total documented claim would be $325. That is well within the $1,000 cap and, assuming your documentation is solid, should be reimbursed in full unless pro rata reduction applies.
Flat $35 Payment vs. Documented Claim — Which Option Should You Choose?
The decision comes down to a straightforward calculation: do your documented, unreimbursed expenses exceed $35, and can you prove them? If you incurred no out-of-pocket costs from the breach, or if your expenses were under $35, or if you simply do not have receipts, the flat payment is the clear choice. It requires no documentation, no proof, and no risk of claim denial due to insufficient evidence. You file, you qualify as a class member, you receive payment. On the other hand, if you spent real money responding to this breach, leaving that on the table by taking the $35 would be a mistake.
Someone with $600 in documented expenses should absolutely pursue the higher option, even accounting for the possibility of pro rata reduction. One important caveat: you cannot claim both. You must choose either the flat $35 payment or the documented expense reimbursement. You can also opt for the two years of medical data monitoring services with a $1 million identity theft insurance policy instead of — or potentially alongside — the cash options, depending on the settlement terms. That monitoring option has significant value if you are concerned about ongoing exposure of your medical and personal data but have not yet purchased protection on your own.
Why Pro Rata Reduction Could Lower Your Payment — And How Likely That Is
Pro rata reduction is the mechanism that prevents the settlement fund from being overdrawn. If the total value of all valid claims exceeds the available funds, each individual payout is reduced proportionally. This is standard in class action settlements, but the practical impact varies enormously depending on the claim rate. In data breach settlements involving healthcare information, claim filing rates have historically been relatively low — often in the single-digit percentages of eligible class members. With 35,106 affected individuals, even a 10% filing rate would mean roughly 3,500 claims.
The warning here is that claim rates are unpredictable and rising. As public awareness of data breach settlements increases, more people file. If this settlement sees an unusually high participation rate, the $35 flat payment could be reduced to $25 or even less. Documented expense claims face the same reduction risk, but because they are tied to actual proven losses, settlement administrators sometimes prioritize full reimbursement for documented claims over flat payments. The specific terms of this settlement govern how that prioritization works, so review the settlement agreement on the official site at medibasesiuhdatabreachsettlement.com for details on the reduction formula.
Critical Deadlines You Cannot Miss
The claim submission deadline is March 16, 2026, which is just days away. If you have not yet filed, this is urgent. The exclusion and opt-out deadline of March 2, 2026 has already passed, meaning you can no longer remove yourself from the class to pursue independent legal action. The final fairness hearing is scheduled for March 31, 2026, at which point the court will decide whether to grant final approval to the settlement.
If approved, payments will be processed afterward, though the exact disbursement timeline depends on whether any objections or appeals delay the process. Missing the March 16 filing deadline means forfeiting your right to any payment from this settlement entirely. There are no late-filing provisions in most class action settlements, and breach-related settlements are no exception. File through the official settlement website rather than through any third-party service claiming to file on your behalf.
The Broader Context — SIUH’s Settlement History and What Comes Next
This data breach settlement is not the first time Staten Island University Hospital has been involved in a major legal resolution. In 2008, the hospital paid $74,032,565 to the United States and $14,883,883 to New York State — a total of $88,916,448 — to settle claims of defrauding Medicare, Medicaid, and TRICARE. That was a completely separate matter involving false billing claims and has no connection to the current data breach case.
But it does illustrate the scale of legal exposure that healthcare institutions face when data handling or billing practices go wrong. Looking ahead, settlements like this one will likely become more common and potentially larger as healthcare data breaches continue to rise in frequency and severity. The involvement of third-party vendors like Medibase — rather than the hospital itself — adds a layer of complexity that regulators and courts are increasingly scrutinizing. For affected individuals, the practical takeaway is to file your claim before the deadline, choose the option that reflects your actual situation, and keep copies of everything you submit.
Frequently Asked Questions
How much will I get from the Staten Island University Hospital data breach settlement?
Either a flat $35 with no documentation required, or up to $1,000 in reimbursement for documented out-of-pocket expenses caused by the breach. The exact amount may be reduced if an unusually high number of claims are filed.
What is the deadline to file a claim for the SIUH settlement?
The claim submission deadline is March 16, 2026. The opt-out deadline of March 2, 2026 has already passed.
Do I need proof to file a claim?
Only if you choose the documented expense reimbursement option (up to $1,000). The flat $35 payment requires no documentation beyond confirming you are a class member.
What data was exposed in the Staten Island University Hospital breach?
Names, Social Security numbers, dates of birth, medical information, health insurance information, and in some cases hospital admit/discharge dates and outstanding balances. The breach occurred through Medibase Group Inc., a third-party vendor.
Can I get both the cash payment and the credit monitoring?
The settlement offers three options — the flat $35, documented expense reimbursement up to $1,000, or two years of medical data monitoring with a $1 million identity theft insurance policy. Review the official settlement terms at medibasesiuhdatabreachsettlement.com for details on whether monitoring can be combined with a cash option.
When will settlement checks be mailed?
Payments will be distributed after the final fairness hearing on March 31, 2026, assuming the court grants final approval and no appeals are filed. The exact timeline depends on the settlement administrator’s processing schedule.
You Might Also Like
- Staten Island University Hospital Settlement Timeline: Notice, Objections, Final Hearing, And Payments
- Shimano Settlement Payouts: What Impacts Your Final Payment Amount
- Hyundai And Kia Settlement Payouts: What Impacts Your Final Payment Amount