Class Action Data Breach Lawsuit Settlement Rings Alarm Bells

The Emergence of the Class Action Data Breach Lawsuit:  Just one more reason it is imperative to take all means possible when it comes to protecting customer information.  A recent $3 million class action data breach lawsuit awarded by a Florida court in mid-March of 2014 sets the stage for many more such settlements.

The suit was the outgrowth of a laptop lost by AvMed, a Florida-based health insurer. According to widely published reports, after having been dismissed twice by lower courts, the U.S. Court of Appeals for the Eleventh Circuit allowed several of the claims, including those pertaining to negligence and breach of contract, to remain, and remanded the case back to the district court. The failure to dismiss the claims, a first in this type of legal action, is what then promoted AvMed to seek a settlement.

According to industry expert Bob Johnson, “Up until this Florida ruling, however, every such attempt had been summarily dismissed based on the absence of demonstrated financial damages. That’s why this is so significant. For the first time in history, with no damages directly related to the breach, the court allowed the case to proceed.”

This ruling could mean that in addition to the cost of breach reporting, credit monitoring and embarrassing headlines, class-action awards are more likely to be a costly consequence of data breaches in the future. Second, this precedent will provide an incentive for lawyers who specialize in class-actions to bring more such cases.

Following up on our recent posts on The Red Flags Rule, the key is better policies, better employee training, and heightened awareness of safe storage and disposal of customer data.

For more information on on-site shredding service and best practices in identity theft prevention, please visit

by HV Shred