To follow up on two previously reported breaches involving protected health information, here are two class action settlements that involve business associates:
CSI Financial Services aka ClearBalance
In July 2021, DataBreaches reported a breach at CSI Financial Services, aka ClearBalance, a firm that services loans made by hospitals and providers to patients who need to finance medical expenses. At the time, ClearBalance notified almost 210,000 patients whose protected health information (PHI) was in employee email accounts that had been accessed without authorization.
A class action lawsuit made all the usual claims — that the firm could have prevented the breach and that it should have notified people sooner.
Without admitting any wrongdoing, CSI Financial has agreed to a $2.65 million settlement deal to resolve these allegations. California residents will get more than residents of other states, and all may get two years of credit monitoring services.
The case is Ivo Kolar v. CSI Financial Services LLC, Case No. 37-2021-00030426, in the Superior Court for the State of California, County of San Diego. The final hearing will be in January.
For more details see, ClearBalanceClassActionSettlement.com.
h/t, Top Class Actions
Bricker and Eckler
Bricker and Eckler is a law firm in Ohio. In April 2021, they notified HHS and announced a ransomware attack had impacted 420,532 individuals. Unsurprisingly, a lawsuit was filed that claimed that the law firm could have avoided the breach by having appropriate data security.
And like most defendants in such lawsuits these days, Bricker & Eckler hasn’t admitted any wrongdoing but decided to settle because of the cost of litigation. In this case, they have settled for $1.95 million class action settlement.
The case is In Re Southern Ohio Health Systems Data Breach Litigation, Case No. A2101886, in the Court of Common Pleas for Hamilton County, Ohio. The final hearing is in November.
For more details, see SouthernOhioHealthSystemDataBreachSettlement.com
h/t, Top Class Actions