Arizona, other states reach settlement in health care data breach
PHOENIX – Arizona and 15 other states have reached a settlement in a health care data breach lawsuit, it has been announced.
The Arizona Attorney General’s office said Tuesday the $900,000 deal was reached with health care software provider Medical Informatics Engineering Inc. and NoMoreClipboard, LLC.
Those companies will pay the states and improve data security.
The breach took place May 7-26, 2015. Hackers stole the protected health information of about 26,000 Arizonans and nearly 4 million individuals overall.
Their exposed personal information included names, telephone numbers, addresses, Social Security numbers, passwords, medical conditions and lab results.
The case was filed in Indiana, home to Medical Informatics, in December 2018.
The lawsuit accused the company of failing to implement “basic industry-accepted data-security measures” and didn’t encrypt sensitive personal information, among other issues.
Other states that joined the lawsuit were Arkansas, Connecticut, Florida, Indiana, Iowa, Kansas, Kentucky, Louisiana, Michigan, Minnesota, Nebraska, North Carolina, Tennessee, West Virginia, and Wisconsin.
A separate consumer class-action suit was also filed against the company.
The Associated Press contributed to this report.