Chris Larson reports:
A Humana Inc. customer filed a class-action lawsuit in federal court against the Louisville-based health insurance and health care provider.
The suit, filed in the U.S. District Court for the Western District of Kentucky, alleges that a company called Visionary Medical Systems Inc. mishandled sensitive patient data, exposing the data to public access on the internet.
Read more on Louisville Business Journal.
In March, DataBreaches.net had reported the breach, explaining:
In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an employee of the business associate’s subcontractor had engaged in wrongdoing with some members’ protected health information.
Specifically, Humana uses a business associate for risk management, Cotiviti. Cotiviti, in turn, utilizes a subcontractor, Visionary.
Almost 63,000 members were notified of the breach.
According to Louisville Business Journal, Visionary Medical Systems is named in the text of the suit, but only Humana and Cotiviti are reportedly named as defendants.