As a follow-up on a breach previously reported here, Texas Attorney General Greg Abbott announced that the state has reached an agreement with Cornerstone Fitness, L.L.C. that requires the fitness center to better protect its customers’ personal information.
In February, the Attorney General charged Cornerstone with violating a Texas law that governs the disposal of confidential consumer data. According to the state investigators, Cornerstone hired a moving company to transport equipment, furniture and business records to its flagship facility on Cornerstone Blvd. in October 2007. A filing cabinet containing customers’ personal training service contracts was found in a dumpster behind the defendant’s McColl Road location. The contracts included customers’ sensitive personal information. State investigators subsequently showed that the defendant failed to satisfy Identity Theft Enforcement and Protection Act document security requirements.
Under today’s agreement, the defendant must implement a comprehensive records management policy and strictly comply with state document disposal laws.
Cornerstone Fitness Texas, L.L.C. agreed to pay $28,000 in civil penalties and attorneys’ fees to resolve the state’s enforcement action.
Source: Texas Attorney General Greg Abbott’s Office