Cybersecurity and data privacy are at the forefront of everyone’s mind, especially those of us who interact with the online world in a more comprehensive fashion and put our lives out there for everyone to see. There are many measures we can take to ensure that our data does not get into the wrong hands, but those all come crashing down when a dedicated hacker chooses to cause a data breach.
It is in the best interest of companies to have the best cybersecurity money can buy and to implement as many security measures as possible, but some companies are still unlucky and are targeted and in that case the only thing that they can do is offer a data breach settlement.
One of the most recent cases is that of Columbus Regional Health, who, between May 19 and May 21, 2023, experienced a massive cyberattack that affected more than 132,800 people. There was an investigation following the breach, which revealed the extent of the damages which concluded on December 28 of the same year. The hackers managed to get information about patients’ names, addresses, dates of birth, Social Security Numbers, medical history information, and health insurance, all related to their dealings with Columbus Regional Health.
When the investigation came to a close, a lawsuit was filed and a proposed data breach settlement of $1,17 million was reached, meaning that some people could qualify for payments up to $5,000 depending on the severity of the information released about them. The conclusion of the lawsuit revealed that, according to the affected individuals, the health system did not implement the necessary cybersecurity protections strongly enough to prevent their data from being put at risk.
Of course Columbus Regional Health disputed these claims and denied any wrongdoing, but still chose to resolve the lawsuit with a settlement, as the data had been breached under their watch. Not everyone that had their data stolen will qualify for the same amount of money as not everyone was damaged in the same way.
Who will qualify for the $5,000 compensation after the data breach
It will depend on the documented out-of-pocket losses that an affected individual will be able to prove. These losses can be:
- Unreimbursed losses related to fraud or identity theft.
- Professional fees, including attorneys’ fees, accountants’ fees, and credit repair services.
- Costs associated with freezing or unfreezing credit with any credit reporting agency.
- Credit monitoring costs incurred during or after the data breach while using the claims deadline.
- Miscellaneous expenses i.e. notary fees, fax, postage, photocopies, mileage, and long-distance calls.
For those who cannot prove significant losses, anyone affected may also request a pro rata cash payment from the Settlement Fund of $50 per claimant. This is not a lot of money, but if not enough people file the claims or are approved, the amount will increase and those who are eligible will be able to recoup more of their losses.
Those interested in claiming will need to have been informed by Columbus Regional Healthcare that their data was compromised in the data breach. If that is the case, you will have been identified by the Settlement Administrator as a Class Member, which will give you the right to submit a valid claim form to receive the benefits of the data breach settlement. Should you wish to exercise that right you will need to do so before April 2, 2025.
The claim form is available online on the Columbus Regional Data Settlement website and after the filing period has ended, the Court in charge of the case must still decide whether the settlement will be approved. The Final Approval Hearing is scheduled for April 9, 2025, at 2:00 p.m. E.T.