National and global cybersecurity is an ongoing and escalating concern, with breaches of the likes of Sony, Target, and JPMorgan all making major news last year and implicating personal identifiable information of millions of consumers. This month, a massive breach has hit the litigation stage, as numerous lawsuits in multiple fora have been filed in the wake of the hack of Anthem’s health insurance database which has exposed approximately 80 million people to potential identity theft.
To date, lawsuits have emerged in courts in Alabama, California, Colorado, Florida, and Indiana, where the company is based. Insurance policyholders seek class certification in claims against Anthem after the largest data breach of any insurance company database in history under legal theories including negligence for failure to encrypt sensitive data and breach of a contractual promise to protect sensitive personal information, including policyholders’ addresses and social security numbers. At least one of the lawsuits’ plaintiffs is seeking lifetime consumer protection services to mitigate the harm done by the dissemination of this sensitive information.
Although encryption of private information is not required by the Health Insurance Portability and Accountability Act (HIPAA), insurance companies have been encouraged to encrypt. In light of the Anthem breach and the enormous aggregate risk bourn by millions of healthcare consumers as a result, the Senate’s Health, Education, Labor and Pensions committee is contemplating an initiative to require stronger measures securing HIPAA-protected information of healthcare and insurance providers, including encryption of health records. After President Obama openly called for a more comprehensive plan to address cybersecurity last month, the White House recently held the first ever Summit of Cybersecurity and Consumer Protection, emphasizing the need for stronger security measures and international cooperation in rooting out and punishing cybercrimes.
If you have questions about a business litigation matter, particularly involving cyber security or liability, do not hesitate to call the attorneys at the Patterson Law Firm for guidance at (312) 223-1699.