CaptureRx recently proposed to settle multiple class-action lawsuits for $4.75 million. The lawsuits allege that the healthcare administrative service provider didn’t do enough to protect patient data which led to a data breach that affected over 2.4 million people.
Read more: HIPAA compliant email: The definitive guide
If the court or plaintiffs don’t accept the proposed settlement, CaptureRx “will strongly consider filing for bankruptcy” due to rising legal costs, according to CaptureRx CEO Chris Hotchkiss.
The Texas-based company suffered from one of the largest healthcare data breaches in 2021. The HIPAA Breach Report for June 2021 noted that CaptureRx reported a network server incident. In February 2021, CaptureRx noticed unusual activity on its IT network. Unauthorized individuals had gained access to the network and subsequently used ransomware to encrypt sensitive data.
Hackers had access to protected health information (PHI) like names, birth dates, and prescription information.
In the months that followed, several class-action lawsuits were filed against CaptureRx, which is also known as NEC Networks. The lawsuits allege that CaptureRx was negligent, invaded privacy, and used improper data security practices.
What is in the proposed settlement?
While CaptureRx has denied all charges of wrongdoing, it has offered to settle all lawsuits with a $4.7 million settlement. If the proposed settlement is approved, affected patients will be entitled to a payment of $25 and an additional $75 if the patient qualifies as a California subclass member.
The settlement will also give CaptureRx 90 days to develop and implement a comprehensive security plan to protect PHI.
Read more: How to avoid a HIPAA corrective action plan
CaptureRx proposed the settlement because litigation “would be protracted and expensive.” Hotchkiss states that the numerous indemnity claims have put a “severe financial strain on the company.” He also states that the company’s wasting insurance policy will only cover under half of the proposed settlement. The company owners are funding part of the settlement with their own money.
Hotchkiss urges the settlement be accepted or the company will have to consider bankruptcy.
Protect your patient data with Paubox
The cost of not maintaining your cybersecurity network can lead to millions of dollars in settling lawsuits or the complete obliteration of your healthcare organization. When it comes to ransomware, one of the top threats is email. A well-crafted phishing email can be enough for ransomware to start infiltrating your network and exfiltrating data.
Paubox Email Suite Plus has the robust inbound security tools to quarantine malicious emails like spam, viruses, ransomware, and phishing emails. These emails won’t even enter your employees’ inboxes and can help prevent human error.
It’s worth the cost to prevent cyberattacks than it is to become a victim of one.