The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval

Posted By on May 19, 2022

A $9.76 million settlement proposed by Solara Medical Supplies to resolve a class action lawsuit related to a 2019 data breach has received preliminary approval from the court.

Solara Medical Supplies, which provides products and services to help people manage their diabetes, was the victim of a phishing attack that saw employees’ Microsoft Office 365 email accounts accessed by unauthorized individuals between April 2, 2019, and June 20, 2019.

The email accounts contained the protected health information of patients and sensitive employee information, including names, dates of birth, billing and claims information, health insurance information, medical information, financial account information and credit card numbers, Social Security numbers, driver’s license numbers, state ID numbers, and Medicare/Medicaid IDs. The breach was reported to the HHS’ Office for Civil Rights as affecting 114,007 individuals.

Legal action was taken on behalf of the individuals affected by the breach, with the class including all individuals residing in the United States and its territories who were notified in November 2019 that their information had been exposed. The plaintiffs alleged Solara Medical Supplies was negligent for failing to prevent the breach.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Solara Medical Supplies denies any wrongdoing and liability and believes there are meritorious defenses and legal challenges to the plaintiffs’ claims; however, agreed to settle the lawsuit to prevent further legal costs and to avoid the uncertainty of litigation.

Under the terms of the settlement, a fund of $5.06 million will be created to cover costs associated with the administration of the settlement, attorneys’ fees, and payments to class members. All individuals who submit a valid claim will be eligible to receive a cash payment of $100, which may be adjusted up or down depending on the number of individuals who submit a claim.

Solara Medical Supplies has committed to taking steps to improve security to prevent further data breaches, such as implementing systems for detecting suspicious activity, multifactor authentication, improvements to email filtering, and other security measures, which have been estimated to cost $4.7 million over the next 5 years.

The settlement has received preliminary approval from the court and a final hearing for the settlement has been scheduled for September 12, 2022. The deadline for submitting a claim is August 8, 2022, and the deadline for objecting to the settlement or requesting to be excluded from the settlement is August 22, 2022.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist