Avem Health Partners Pays $1.45 Million to Settle Class Action Data Breach Lawsuit
Avem Health Partners agreed to pay a $1.45 million settlement to settle claims associated with a 2022 data breach affecting the protected health information (PHI) of 271,303 persons. Avem Health Partners based in Oklahoma City is an administrative and technology services provider to healthcare companies. On May 16, 2022, hackers acquired access to the servers of 365 Data Centers, one of Avem Health Partners’ vendors. The unauthorized access happened on May 14, 2022, but Avem Health Partners became aware of the data breach on September 9, 2022.
The compromised information included names, birth dates, driver’s license numbers, Social Security numbers, medical insurance data, and diagnosis and treatment details. Avem Health Partners notified the impacted persons in December 2022. The lawsuit Bingaman, et al. v. Avem Health Partners Inc. was subsequently filed by the plaintiffs asserting that their PHI was negligently stored. If proper cybersecurity steps had been implemented and employees received hipaa training, the breach might have been avoided. Avem Health Partners decided to resolve the lawsuit without accepting any wrongdoing.
Claims are to be accepted from those who received notification concerning the data breach from Avem Health Partners. Claims could be filed for as much as $7,000 to pay out-of-pocket expenditures resulting from the data breach, which include credit costs, bank charges, lost money due to identity theft and fraud, and approximately 5 hours of lost time valued at $25 an hour. Persons who don’t file claims to be compensated for losses are entitled to be given a cash payment of around $100, even though that amount might be lower based on the number of claims.
Irrespective of the option selected, class members shall be qualified to get free identity theft protection and credit monitoring services for three years, which come with a $1 million identity theft insurance plan. The due date for objection to and exemption from the arrangement is April 25, 2024, and the schedule of the final approval hearing is on May 10, 2024.
Roper St. Francis Healthcare Pays $1.5 Million to Resolve Data Breach Lawsuit
Roper St. Francis Healthcare has decided to pay $1.5 million to resolve a class action lawsuit filed because of a 2020 data breach. Roper St. Francis Healthcare is a healthcare system based in South Carolina that manages 4 hospitals and over 117 healthcare centers. At the end of October 2020, Roper St. Francis Healthcare confirmed the compromise of three email accounts after employees replied to phishing emails. Unauthorized individuals accessed the email accounts from October 14 to October 29, 2020. The exposed accounts included the PHI of 89,761 individuals, which included brands, patient account numbers, medical record numbers, birth dates, and some treatment and clinical details, like dates and locations of service, names of providers, and billing details.
The data breach prompted the filing of the lawsuit. The plaintiff claimed that Roper St. Francis Healthcare failed to implement fair and proper cybersecurity procedures. Further, Roper St. Francis Healthcare should have known its susceptibility to cyberattacks since it had encountered several data breaches previously. Roper St. Francis Healthcare disagreed with the plaintiffs’ statements and decided to resolve the lawsuit without admitting any wrongdoing.
Based on the settlement, those who received a notification letter regarding the data breach from Roper St. Francis Healthcare could claim up to $325 as compensation for expenses related to the data breach, for instance, credit expenses and bank charges, and around four hours of lost time valued at $20 an hour. In case of sustained extraordinary expenses because of identity theft and fraud, claims as much as $3,250 may be filed. All class members are eligible for free credit monitoring services for one year, besides those already provided in the individual notifications regarding the data breach. The due date for filing an exemption from or objection to the settlement is on or before April 30, 2024. The schedule of the final approval hearing is on May 2, 2024.