Christopher Brown reports:
Insight Global LLC will pay up to $5,000 each to victims of an April 2021 data breach involving Covid-19 contact-tracing data to compensate them for extraordinary out-of-pocket losses, in a settlement given final approval by a federal judge.
Lisa Chapman filed the proposed class action against Insight and the Pennsylvania Department of Health, alleging they negligently failed to protect health information collected during the state’s Covid-19 contact tracing initiative, putting victims at risk of fraud and identity theft.
The health department was later dropped from the amended suit.
Read more at Bloomberg. Some of their links do not seem to go to the appropriate files, but here’s the settlement site with all the documents and information: insightdatabreach.com/
As is this site’s practice, we looked at the settlement terms for references to data security. The only provision was this one:
2.5 Equitable Relief.
Insight Global agrees to maintain at a minimum, for a period of one (1) year following final approval of the settlement, the enhanced security systems and practices with respect to contact tracing that were implemented following the Data Incident.