AGs Settle with EyeMed for $2.5 Million after Allegedly Lax Data Security Lead to Data Breach

Cozen O'Connor
Contact
LinkedIn
Facebook
X
Send
Embed

Cozen O'Connor

  • The AGs of Oregon, New Jersey, Florida, and Pennsylvania settled with EyeMed Vision Care LLC to resolve allegations that the company violated state consumer protection and personal information protection laws, as well as the federal Health Insurance Portability and Accountability Act (HIPAA), by improperly securing consumer health data that was subsequently compromised in a data breach.
  • According to the settlement, EyeMed allegedly failed to properly safeguard consumer personal information (PI) and personal health information (PHI) in its email accounts, which led to unauthorized access of the PI and PHI of approximately 2.1 million consumers.
  • Under the terms of the settlement, EyeMed must pay $2.5 million to the states and must implement adequate security measures.

Written by:

Cozen O'Connor
Cozen O'Connor
Contact
more
less

Cozen O'Connor on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide