In 2011 there was an employee of AvMed Corporation in Florida that managed to steal 2 laptops from the company’s corporate location. On the laptop there was roughly 1.2 million patient’s personally identifiable information. This information was used to obtain bank accounts and credit cards for an undisclosed number of these patients.
AvMed was ordered to pay 3 Million dollars in damages to be disbursed in various ways listed below:
- Approved Premium Overpayment Claims
- Approved Identity Theft Claims
- Settlement Administration Expenses
- Class Counsel’s Attorney’s Fees and Costs
- Plaintiff’s Incentive Reward
AvMed has also agreed to the following stipulations moving forward:
- Mandatory Security Awareness Training for ALL Employees
- Mandatory Training on Best Practices for Workstation Security
- Upgrading all computers with additional security measures and mechanisms
- New Password Policies and Procedures
- Physical Security Upgrades to each facility
- Revision of all Policies and Procedures to better IT Security
At Loricca we handle each and every one of these facets of the IT Security and Compliance program. If your business handles sensitive information of any type, you may be vulnerable to any number of the above-mentioned risks. We would like to speak with you regarding a simple Risk Assessment to determine where your company lies in relation to the benchmarks of regulatory compliance and IT Security. Please contact us at your convenience.
