Friday, 09 December 2022

Attorney General Becerra recovers nearly $1 million for California from Premera Blue Cross health records data breach

SACRAMENTO – California Attorney General Xavier Becerra announced the recovery of $996,000 for California as part of a multistate settlement against health insurer Premera Blue Cross.

The settlement resolves allegations that the health insurer violated state and federal privacy laws arising from a 2014 data breach.

The settlement was the result of a multistate investigation and includes $10 million in civil penalties, of which California will receive $996,000.

It also includes significant injunctive terms requiring Premera to implement reasonable security to protect consumers’ personal and medical information and to maintain a compliance program.

“Consumers who entrust their health information to companies deserve security in return. Companies have a responsibility to protect consumers’ private information, especially sensitive health information,” said Attorney General Becerra. “Premera’s failure to protect the private information of millions of patients is unacceptable. This settlement should send a strong message to companies with loose data privacy practices: it doesn’t pay to cut security corners.”

The settlement stems from a data breach that was publicly announced in March 2015, where the personal information of 10.5 million consumers, including 400,000 Californians, was breached.

The data included the consumers’ names, Social Security numbers, bank account information, medical information, and health claims-related data. Attackers gained access to patient data by sending fake, targeted emails to Premera employees. These emails contained malware that allowed the attackers to spend months compromising Premera’s inadequately-secured network.

The multistate investigation found that the company lacked basic data security, failed to monitor its network for malicious activity, and disregarded experts’ warnings of security flaws. In addition, it failed to limit access to sensitive information, allowing employees without business need to access the information.

The settlement resolves allegations that Premera violated each state’s consumer protection and medical information laws, as well as the federal Health Insurance Portability & Accountability Act, which established national standards and safeguards to protect personal health information.

A copy of the complaint can be found here and the proposed judgment can be found here.

Upcoming Calendar

9Dec
12.09.2022 4:00 pm - 8:00 pm
Hometown Christmas in Lower Lake
10Dec
12.10.2022 10:00 am - 1:00 pm
Farmers' Market at the Mercantile
10Dec
12.10.2022 10:00 am - 12:00 pm
Ladies of the Lake Quilt Guild
10Dec
12.10.2022 11:00 am - 1:00 pm
Weekly writing workshop
10Dec
12.10.2022 11:00 am - 2:00 pm
Clear Lake State Park Christmas open house
13Dec
12.13.2022 12:00 pm - 1:00 pm
Rotary Club of Clear Lake
14Dec
12.14.2022 10:00 am - 3:00 pm
Bucket Brigade Blood Drive Challenge
15Dec
12.15.2022 7:30 am - 8:30 am
Rotary Club of Middletown
17Dec
12.17.2022 10:00 am - 1:00 pm
Farmers' Market at the Mercantile
17Dec
12.17.2022 11:00 am - 1:00 pm
Weekly writing workshop

Mini Calendar

loader

LCNews

Responsible local journalism on the shores of Clear Lake.

 

Memberships:

 

Newsletter

Enter your email here to make sure you get the daily headlines.

You'll receive one daily headline email and breaking news alerts.
No spam.
Cookies!

lakeconews.com uses cookies for statistical information and to improve the site.