reports for the Associated Press:
Caremark Corp. will overhaul its information security system and pay the state of Texas $315,000 to settle a lawsuit that accused the drugstore operator of dumping credit card numbers, medical information and other material from more than 1,000 customers into a garbage container.
[…]
Records allegedly dumped by employees behind the store included credit and debit card numbers and prescription forms that contained customers’ names, addresses, dates of birth and types of medications, Abbott has said.
CVS’s revamped information security program must have administrative, technical and physical safeguards designed to protect the personal information of customers. It also must create a training program to inform new hires of its enhanced security procedures and conduct unannounced compliance checks at some stores, among other measures.
Full story – Houston Chronicle