Skip to main content
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Digital Health
    • Transformation
    • ESG
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Opinion
    • Bold Moves
    • Breaking Bias
    • Commentaries
    • Letters
    • Vital Signs Blog
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • ESG: The Implementation Imperative Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Hospital at Home
    • - Workplace of the Future
    • - Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Video Series - The Check Up
    • Sponsored Video Series - One on One
  • Data Center
    • Data Center Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • Newsletters
  • MORE+
    • Contact Us
    • Advertise
    • Media Kit
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Insurance
March 27, 2015 01:00 AM

Premera faces class-action suit over massive data breach

Lisa Schencker
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    Premera Blue Cross failed to adequately protect its customers' personal information and notify them of a recent data breach in a timely manner, according to the latest class-action lawsuit filed Thursday against the insurer in federal court in Seattle.

    The suit is one of at least five class-action suits filed over the breach, said James Bilsborrow, an attorney representing the plaintiffs with law firm Weitz & Luxenberg. Premera announced earlier this month that a May 2014 cyberattack breached a system that contained records for 11 million of its customers.

    Several class action lawsuits already have been filed against insurer Anthem, which also suffered a cyberattack disclosed earlier this year that exposed the personal information of 80 million current and former Anthem members.

    Premera said in a statement Friday the latest lawsuit was not unexpected because such actions are typical following data breaches. The insurer said it could not comment on pending litigation.

    However, in an earlier statement on the insurer's website, Premera President and CEO Jeff Roe said of the attack: “The privacy and security of our members' personal information is a top priority for us. As much as possible, we want to make this event our burden, not yours, by making services available to protect you and your information moving forward.”

    Premera has pledged to provide customers with two years of free credit monitoring and identity theft-protection services, including identity theft insurance.

    The lawsuit against Premera was filed on behalf of three plaintiffs from Nevada and Washington. The complaint in the suit alleges Premera “breached its duty to protect and safeguard its customers' personal and health information and take reasonable steps to contain the damage caused where any such information was compromised.”

    The insurer's cybersecurity systems were breached just weeks after federal auditors warned Premera that those systems were vulnerable, according to the lawsuit. Premera then exposed customers to even greater risk by waiting six weeks to publicly reveal the breach, the lawsuit alleges.

    The insurer still has yet to “fully and accurately” inform all those affected about the breach's consequences for them, according to the lawsuit.

    “This is unacceptable,” the complaint states. “In a data breach situation, it is incumbent upon the breached company to provide accurate and complete information to those at risk so they may immediately protect themselves and their families from further harm.”

    Washington state law requires companies provide notice as quickly as possible, according to the lawsuit.

    The lawsuit also alleges that a recent outbreak of healthcare data breaches should have put Premera on high alert. It references a Community Health Systems hack that exposed the Social Security numbers of 4.5 million customers in 2014, and incidents involving Centura Health in Colorado and St. Joseph Health System in Texas.

    “The history of cyber security breaches in the industry, and the warnings that are now all but ubiquitous, have placed companies operating in the industry on notice of the duty to safeguard customers' personal and health information,” according to the lawsuit. “If anything, this history of failure should spur greater efforts to implement top-of-the-line cyber security measures that exceed the industry standard.”

    Bilsborrow also said a greater breadth of data was exposed in the Premera breach compared with the Anthem hack. In the Premera cyberattack, clinical information was exposed, raising “the specter of medical blackmail, healthcare discrimination, and more effective information by which to perpetrate fraud,” he said.

    Ken Dort, a partner in Drinker Biddle & Reath's Intellectual Property Practice Group in Chicago, said there might be some merit to the plaintiffs' allegation that Premera waited an unnecessarily long time to publicize the breach. But he said it can often be difficult in such cases for plaintiffs to get significant damages.

    For example, in a previous case involving AvMed, the insurer agreed, as part of a settlement, to reimburse customers who lost money as a result of their identities being stolen through a data breach. In that case, two laptops containing personal information for more than 1 million customers were stolen. Dort, however, said AvMed didn't have to set aside a great deal of money to reimburse those customers because it can be nearly impossible to show identity theft issues are a direct result of a data breach.

    The lawsuit against Premera seeks unspecified damages.

    The Premera breach affects Premera Blue Cross, Premera Blue Cross and Blue Shield of Alaska, and affiliate brands Vivacity and Connexion Insurance Solutions, according to Premera. The attack may have exposed applicants' and members' names, birthdays, contact information, Social Security numbers, member identification numbers, bank account information and clinical information.

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    diversity2_i.png
    How Connecticut's Broker Academy targets health disparities
    cybersecurity_i.jpg
    Massachusetts health insurer faces ransomware attack, member data at risk
    Most Popular
    1
    More healthcare organizations at risk of credit default, Moody's says
    2
    Centene fills out senior executive team with new president, COO
    3
    SCAN, CareOregon plan to merge into the HealthRight Group
    4
    Blue Cross Blue Shield of Michigan unveils big push that lets physicians take on risk, reap rewards
    5
    Bright Health weighs reverse stock split as delisting looms
    Sponsored Content
    Daily Finance Newsletter: Sign up to receive daily news and data that has a direct impact on the business and financing of healthcare.
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Advertise with Us
    • Ad Choices Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Digital Health
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • ESG
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Opinion
      • Bold Moves
      • Breaking Bias
      • Commentaries
      • Letters
      • Vital Signs Blog
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • ESG: The Implementation Imperative Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Hospital at Home
        • - Workplace of the Future
        • - Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Video Series - The Check Up
      • Sponsored Video Series - One on One
    • Data Center
      • Data Center Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • Newsletters
    • MORE+
      • Contact Us
      • Advertise
      • Media Kit
      • Jobs
      • People on the Move
      • Reprints & Licensing