Indiana Company Sued for $300k for Failing to Notify About Security Breach : Austin Technology Law Blog

Home > Data Privacy > Indiana Company Sued for $300k for Failing to Notify About Security Breach

Indiana Company Sued for $300k for Failing to Notify About Security Breach

Posted on November 5, 2010 by Luke Stanfield

First off, thanks to everyone who came to listen to Stanfield Hiserodt speak on Data Privacy and Security at the Innotech Conference last week. It was a solid turn out and a good discussion.

In keeping with the theme, we came across this story via Businessweek.com about the Indiana Attorney General's office suing insurance company WellPoint for $300,000. Apparently, WellPoint allowed sensitive customer information, including health records and credit card data, to sit on an unsecured server for several months. WellPoint discovered this back in February, but apparently took its sweet time in notifying the affected customers. They didn't give the required notice until June.

There are currently 45 states with breach notification laws. If you handle sensitive customer data, make sure you have a plan in place to notify your customers as quickly as possible or you will feel the wrath of the Attorney General.

Tags: Data Privacy, Data Security Breach, Innotech Conference, Security Breach Notification Laws, WellPoint, attorney general, data security, sensitive data

Trackbacks (0) Links to blogs that reference this article Trackback URL
http://www.austintechnologylawblog.com/admin/trackback/229022

Comments (0) Read through and enter the discussion with the form at the end

Post A Comment / Question Use this form to add a comment to this entry.

Send To A Friend Use this form to send this entry to a friend via email.

Austin Technology Law Blog : Texas Technology Lawyers & Attorneys for Copyright, Trademarks & Software Licensing in Houston, Dallas & Austin TX

Published By
Stanfield Hiserodt PLLC

Legal thoughts on Technical Business Transactions, Intellectual Property and Licensing