Health Net & IBM Privacy Breach Settlement

Insurer settles claims that it violated California's patient privacy law

On December 10, 2013, Honorable Judge David Brown granted preliminary approval of a class action settlement in the Health Net data breach lawsuit. Filed in 2011, the lawsuit alleged that Health Net violated medical privacy laws when certain server drives that contained personal, medical, and/or financial information of patients went missing.

How do I Know if I’m Part of the Settlement?

The settlement includes all persons who were notified of the data breach on or about March 14, 2011, and whose personal, medical, and/or financial information was contained on the server drives that Health Net identified as missing.

What Benefits Does The Settlement Provide?

The settlement provides the following benefits to all eligible class members:

  • Two years of free AllClear ID Credit Monitoring (one additional year free if you previously accepted Health Net’s free credit monitoring offer);
  • A $1 million identify theft insurance policy and assistance with identity restoration;
  • Reimbursements for identity theft losses (up to $50,000); and
  • Increased security measures at Health Net.

To sign up for the free AllClear ID Credit Monitoring Protection Package, you must return the Election Form you received as a postcard via mail by April 21, 2014. To ask for reimbursement for identity theft losses you must complete and submit the “Reimbursement of Identity Theft Losses Claim Form,” by April 21, 2014. Additional information about the settlement can be found in the Class notice here.

If you have further questions about whether you are eligible for the settlement, or if you have received the notice and have additional questions, please fill out the form on the right or call Gibbs Law Group at (866) 981-4800.

Background: Health Net Data Breach Class Action Lawsuit

Health Net is a managed health care organization that provides health care services to 6 million patients nationwide. In March 2011, Health Net began notifying 1.9 million patients that their personal information was compromised following reports from IBM, Health Net’s information technology vendor, that several server drivers were unaccounted for at a data center in Rancho Cordova, California. IBM notified Health Net that it could not locate the servers in January 2011. According to Health Net, current and former policy holders’ information that was compromised includes patients’ names, addresses, medical information, Social Security numbers and financial information.

On March 22, 2011, Gibbs Law Group LLP filed a class action lawsuit on behalf of current and former Health Net members alleging that Health Net and IBM violated California’s patient privacy law known as the Confidentiality in Medical Information Act, which prohibits the unauthorized use, disclosure, and negligent maintenance or preservation of patients’ medical information and medical records.

Other Gibbs Law Group data breach cases and investigations

The attorneys at Gibbs Law Group work to hold companies accountable for data breach violations.

We have represented data breach victims in a number of lawsuits, including those concerning recent data breaches targeting Certegy Check Services and Health Net. We also represent plaintiffs in the Sony Pictures data breach, the Anthem healthcare security breach, and in In re Adobe Systems, Inc. Privacy Litigation, No. 13-CV-05226-LHK case.

Currently, we are investigating the Premera Blue Cross cyberattack announced in March 2015.

Gibbs Law Group founding partner Daniel C. Girard has also been appointed to the Consumer Cases Steering Committee in the pending class action lawsuit regarding the Target data breach.