Friday, November 1, 2013

Class Action Settlement for Lack of Data Breach Security

A class action suit, stemming from a data privacy breach at a health plan company, has been settled for $3 million. The settlement is significant because it awards payments to those who were not victims of identity theft.

The settlement payment "is based on a theory that the class had an expectation that some portion of their insurance premium would go to data security," said security attorney Ronald Raether, who was not involved in the case,

The plaintiffs' attorneys said "the plaintiffs should be refunded the portion of their premium that should have been spent on security but apparently wasn't."
- Deborah McGraw, Director, health privacy project at the Center for Democracy & Technology.
According to Raether this settlement could lead to similar cases. "..and thus the likelihood that companies will settle to avoid the catastrophic losses posed by a class action. The payment of $750,000 [to the plaintiffs'] attorneys will incentivize some attorneys to bring these cases."

Reuther noted "Unfortunately, many companies do not give info security enough attention and resources. Thus the other significant point is the injunctive relief to make security improvements." Organizations can now proactively detect data breaches with low-cost on-demand SaaS analytics services.

We previously posted about this and another data breach class action suit pending in the Southern District of Florida.

Download a white paper on data privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Settlement in AvMed Breach Suit - www.HealthcareITsecurity.com, 10/31/2013

No comments:

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.