Planning to sue Anthem? Prepare to prove injury - InsuranceNewsNet

Celebrating 20 years of being the industry’s number one news source!

InsuranceNewsNet

Sign in
  • Subscribe
  • About
  • Advertise
  • Contact
Home Now reading newswires
Topics
  • Life Insurance
  • Annuity News
  • Health/Employee Benefits
  • Property & Casualty
  • Advisor News
  • Washington Wire
  • Sponsored Content
  • INN Exclusives
  • Newswires
  • INNsider
  • INN Exclusives
  • NewsWires
  • Magazine
Sign in or register to be an INNsider.
  • INN Exclusives
  • NewsWires
  • ★ Regulation News
  • Magazine
  • About
  • Advertise
  • Editorial Staff
  • Contact
  • Susbcribe

Get Social

  • Facebook
  • Twitter
  • LinkedIn
  • Google+
Insider
newswires
newswires RSS Get our newsletter
Order Prints Share
May 19, 2016 newswires No comments Views: 0

Planning to sue Anthem? Prepare to prove injury

Indianapolis Business Journal (IN)

Since health insurance giant Anthem Inc. announced Feb. 4 that millions of customers' information had been stolen in a data breach, class-action lawsuits against the company have been filed in federal courts across the country.

Attorneys say the lawsuits are a way to provide a remedy for consumers and to hold the insurer accountable, but others say the complaints have an Achilles' heel: Although the breach is unprecedented and consumers fear their identities will be stolen, the plaintiffs may not have been harmed according to the law.

Lawsuits arising from data breaches are difficult to sustain, said Jeff Kosc, partner at Benesch Friedlander Coplan & Aronoff LLP. The biggest hurdle is to get standing, because the injury has to be "certainly impending" and not characterized as a possibility in the future.

"Proving specific causation and tying it to a specific data breach - that's difficult for the most knowledgeable security experts much less 'Joe Consumer,' " Kosc said.

Mark Fryman Jr., attorney at Starr Austen & Miller LLP in Logansport, framed the question of harm in terms of whether plaintiffs are entitled to damages.

To obtain damages for poor credit, consumers would have to prove their credit troubles were caused by the Anthem breach. However, Fryman contended the plaintiffs could be awarded damages for the time involved in protecting their credit as a result of the data leak. The judge and jury can put a value on the time consumers spent on the phone talking to creditors, monitoring their financial accounts, and making sure their credit is not compromised, he said.

Starr Austen & Miller has filed a class action against Anthem. All the lawsuits across the country are being consolidated into multidistrict litigation.

The Anthem breach is considered the largest to date. It has been estimated to impact as many as 80 million consumers and includes the release of personal information like Social Security numbers, birth dates, street and email addresses, and health care ID numbers.

When announcing the breach in early February, Anthem characterized the cyberattack as "very sophisticated." The company discovered the breach Jan. 29 and believes the attack started Dec. 10.

Before the Anthem breach, retailer Target Corp. had the biggest security breach in history. The store announced in January 2014 its system had been hacked and credit card and debit card information was stolen. Since then, other retailers have been hit, including Michaels Stores, Home Depot and Lowe's along with the financial institution JPMorgan Chase.

"We're going to keep seeing big breaches," said Fred Cate, Indiana University Maurer School of Law professor. "I don't think there's any question."

Threshold for injury

Cate, founding director of IU's Center for Applied Cybersecurity Research, does not think businesses realize they are vulnerable to hackers even when they see other companies get attacked. And, companies do not seem to regard a breach to be as big of a crisis as consumers do, he said.

Indeed, a recent IU Maurer report, "The Emergence of Cybersecurity Law," shows that corporate counsel are more concerned about the potential for damage to the company's reputation, loss of intellectual property, and regulatory action against the company following a breach than about potential lawsuits.

In a 2014 survey of corporate counsel conducted by Indiana Lawyer in partnership with Benesch, just 7 percent of respondents said managing risks of cybersecurity would be one of their top concerns this year.

Attorney Lynn Toops said companies know they are subject to cyberattacks but are not securing customer data.

Toops, an associate at Cohen & Malad, is part of the team working on the class action the firm has filed against Anthem. The goal of the lawsuit is to provide a "complete recovery" for the data breach victims and to send companies the message that they have to protect their consumers' personal information, she said.

The hardest work may be convincing the courts the plaintiffs have suffered harm.

A recent ruling by the U.S. Supreme Court in Clapper v. Amnesty International USA is seen as establishing the threshold for lawsuits where, the injury claimed is likely to be in the future.

There, the plaintiffs' claim that the federal government's surveillance program could harm them was rejected by the 5-4 majority which found future injury to be "too speculative to satisfy the well-established requirements that threatened injury must be 'certainly impending.' " The court concluded the plaintiffs did not have standing to sue because they did not link a specific injury to the surveillance.

Still, the $3 million settlement in 2014 of a class action after the data breach of AvMed shows that plaintiffs can succeed. The plaintiffs argued unjust enrichment and maintained the insurance provider was supposed to use part of their premiums to protect their personal information.

Cohen & Malad managing partner Irwin Levin and William Riley, partner at Price Waicukauski & Riley LLC, which has also filed a class action against Anthem, said they sense a shift in the courts. Judges better understand the consequences consumers can suffer when their personal data is stolen.

They pointed to the January arguments before the 7th Circuit Court of Appeals in Remijas, et al. v. The Neiman Marcus Group LLC.

The complaint had been dismissed by the district court on the grounds that shoppers who had their credit card numbers stolen were not injured since they would not be held accountable for any fraudulent charges. The 7th Circuit panel seemed sympathetic to the plaintiffs but a decision has yet to be handed down.

Of significance, the Anthem breach is different from the others in the size of the loss and the kind of personal information taken. Levin said the affected individuals will have to live with the worry for decades.

"I can't stress enough how alarming that is," Toops said of the Anthem breach. "It was a massive data breach of 80 million Social Security numbers, unencrypted. All those Social Security numbers for 80 million consumers are now in the hands of thieves."

Protecting consumers

Indiana Attorney General Greg Zoeller is championing Senate Bill 413 to strengthen laws on data collection and guarding information. Indiana law already limits the state from disclosing Social Security numbers and provides for criminal penalties for unauthorized disclosures.

Companies that are breached are required to notify Zoeller's office on the number of Hoosiers impacted.

However, the attorney general said a national solution is needed. Data breaches are not seen at retailers in Europe because those countries do not permit companies to collect and store consumer data. Likewise, Zoeller said, the U.S. government has to set the policy regarding the personal information of customers.

"I'm an advocate in favor of states' authority," Zoeller said, "but on something that's a national problem, frankly a state attorney general is not going to be in a strong position to fix it."

Levin and Riley agree the government should enact regulations to protect consumer information but they argue the courts have a role, as well. The justice system has proven it can help those who suffer an injury, and it can be more nimble than legislatures at handling rapidly evolving technology, they said.

In addition, the pair said the class actions can hold companies accountable. If nothing is done to penalize businesses for mishandling data, the problem of data breaches is only going to compound.

Cate does not believe the lawsuits arising from the Anthem debacle will do much. The plaintiffs, he said, will have to show actual harm instead of alleging, a possibility of harm.

"There have been hundreds of these cases or more [after data breaches]," Cate said. "With only one or two exceptions, the consumer plaintiffs always lose."

Information is power, Levin and Riley counter. And just having the consumers' personal information out there is harm enough.

They are not dissuaded by the work ahead to prove injury.

"We're hopeful Anthem will want to provide appropriate relief to our clients," Levin said, "but we're preparing for the long haul."

Older

Testing turnaround

Newer

Parents of autistic kids gird for showdown with Anthem

Advisor News

  • RIAs Getting Bigger Slice Of $7 Trillion Pie
  • Charitable Giving Has No Seat At America’s Holiday Table
  • Smaller Stocks Gain On Bigger Players As 2019 Closes
  • Securities America Says Goldstein & Associates Has Joined Its Hybrid RIA Platform
  • PA Dumps Dozens Of Hedge Funds In Cost-Cutting Move
More Advisor News

Annuity News

  • Annuity Sales Down 8.4% In 3Q; Up 7.5% Year-To-Date: Report
  • Wink Unveils Beefed Up AnnuitySpecs Tool
  • Plaintiffs Abandon Lawsuit Targeting Security Benefit Proprietary Index
  • NAIC Regulators Move Annuity Sales Model Forward
  • Robert Kerzner Joins PHP Agency’s Board Of Directors
More Annuity News

Health/Employee Benefits

  • Ex-NFL Players Charged With Trying To Defraud League Health Care Plan
  • Corporate Pensions Head For Extinction As Nature Of Retirement Plans Changes
  • Trump Says He’ll Expand Child Care, Paid Leave For Workers
  • Legal & General Retirement America Surpasses $1B In Premiums For 2019
  • HealthyWomen/WebMD Study: Women Don’t Discuss Health Concerns
More Health/Employee Benefits

Life Insurance

  • New York Life Is Going To The Super Bowl
  • Ladder To Launch In New York Via Relationship With Allianz Life
  • Sproutt Launches; Uses Data To Reward Healthy Life Insurance Customers
  • Caregiver Took Out Life Insurance On Florida Man, Then Killed Him, Police Allege
  • Nationwide Named Official Insurance Partner Of Minor League Baseball
More Life Insurance

Featured Offers

Text Ads

Press ReleasesAll press releases

  • Symetra Awarded ISO 27001 Certification for Cybersecurity
  • Equisoft Partners with Refinitiv to Deliver a Powerful Solution for Wealth Managers
  • Life Health Insurance, Investment and Retirement Planning Powerhouse AmeriLife® Expands its Platform of Advanced Life Insurance Services with Acquisition of Agent Support Group
  • Brookstone Capital Management Expands Darryl Ronconi’s Role, Naming Him President and Chief Operating Officer
  • WoodmenLife Launches Unified Selling Experience for Agents with iPipeline
Add your Press Release >

Topics

  • Life Insurance
  • Annuity News
  • Health/Employee Benefits
  • Property and Casualty News
  • Advisor News
  • Washington Wire
  • Regulation

Top Sections

  • INN Exclusives
  • INN Insider

Our Company

  • About
  • Editorial Staff
  • Advertise
  • Contact

Sign up for our FREE e-Newsletter!

Get breaking news, exclusive stories, and money- making insights straight into your inbox.

select Newsletter Options
Facebook Linkedin Twitter Google+
© 2019 InsuranceNewsNet.com, Inc. All rights reserved.
  • Terms & Conditions
  • Privacy Policy
  • Sitemap
  • AdvisorNews

Sign in with your INNsider Account

Not registered? Become an INNsider.