Edelson McGuire, a law firm specializing in commercial litigation, has filed a class action lawsuit against health insurer AvMed Health Plans following a large December 2009 data breach.
Two unencrypted laptop computers were stolen on Dec. 11 from an AvMed facility in Gainesville, Fla. AvMed initially believed information on about 208,000 members was at risk, but that number rose to 1.22 million by June 2010. Protected information on the laptops included a mixture of name, address, date of birth, Social Security number, phone number, and diagnosis, procedure and prescription information.
"Merely taking the time to encrypt their laptops likely would have obviated any harm done by this theft," says William Gray, an attorney at Edelson McGuire, in a statement. "It is mind-boggling that such simple procedures were not done to protect AvMed's customers, who placed their trust in their insurance company to protect their highly personal information."
Miami-based AvMed has previously said it has no evidence that any information on the laptops has been misused.
The AvMed incident is one of nearly 200 breaches affecting at least 500 individuals listed since September 2009 on a website of the Department of Health and Human Services' Office for Civil Rights. The office has enforcement jurisdiction over the HIPAA breach notification law promulgated under the HITECH Act.
For a copy of the lawsuit filed against AvMed in the Circuit Court of the Eleventh Judicial Circuit in Miami-Dade County, send an e-mail to firstname.lastname@example.org.
This story has been reprinted with permission from Health Data Management.
Register or login for access to this item and much more
All Digital Insurance content is archived after seven days.
Community members receive:
- All recent and archived articles
- Conference offers and updates
- A full menu of enewsletter options
- Web seminars, white papers, ebooks
Already have an account? Log In
Don't have an account? Register for Free Unlimited Access
Corrected November 29, 2010 at 11:32AM: yes