Humana Lawsuit – Data Breach of Medical Information

Consumer Protection Attorneys in California

On December 22, 2020, Humana was informed that an employee of a Humana subcontractor, Visionary, inappropriately used their access to your information to disclose information, in the form of medical records, to unauthorized individuals in an effort to provide medical coding training to those individuals for a personal coding business endeavor. The subcontractor discovered the incident on December 16, 2020. The activity occurred from October 12, 2020 through December 16, 2020.

Cotiviti is a vendor Humana uses for quality and data reporting to Centers for Medicare and Medicaid Services (CMS). Cotiviti provides systems that allow Humana to contact health care providers and request medical records necessary to verify data reported to CMS. Cotiviti utilizes a subcontractor, Visionary, to review the collected medical records.

In the incident described above, the Visionary employee, who was authorized to access and use the data for Humana purposes, disclosed the information to the unauthorized individuals through a personal Google Drive account.

Humana requires executed Business Associate Agreements with all organizations that perform any services on our behalf involving our members’ protected health information. This Business Associate Agreement requires Cotiviti to comply with federal Health Insurance Portability and Accountability Act (HIPAA) privacy regulations and to follow guidelines and policies established by Humana in maintaining the privacy and confidentiality of all protected health information. Humana also conducts assessments of business associates to verify that processes are being followed. Similarly, Cotiviti has executed Business Associate Agreements with their subcontractors that holds them to these same standards.

While identity thieves are becoming more sophisticated at breaking through the data protection of businesses, it is the company’s responsibility to provide the highest level of security for their consumers. This is especially true when medical information is involved. Medical information of the type lost here, is given special protection under California law.

(858) 293-4614 Call now to review your case with our Data Breach intake specialist. During this call, our intake specialist will review your claim regarding Humana Lawsuit. 

*HIPAA Violation – You may be entitled to damages or other remedies. If you received notice that your information was stolen due to a data breach incident, contact Potter Handy, LLP to join our class action lawsuit. No out-of-pocket expenses from you.

View example of what the letter looks like. If you received this letter contact our Law Firm.


What Information Was Involved?

The following information may have been included as part of the medical records involved in the incident:

  • Name
  • Date of Birth
  • Member Identification Number
  • Date of Service

Contact Our California Data Breach Lawyers

Have you received notice that your information was stolen due to a data breach incident? If so, you may be entitled to damages or other remedies.

Every day, insurance companies and health care providers lose protected medical information through careless acts, such as emailing third parties’ medical information or sending your personal information to third parties without any encryption or protection.

Our attorneys at Potter Handy, LLP have been instrumental in protecting privacy rights.

(858) 293-4614 Call now to review your case with our Data Breach intake specialist. During this call, our intake specialist will review your claim regarding Humana Lawsuit.