Apria Healthcare LLC breached its duty to defend the personal information of around 1.8 million patients that was disclosed in data breaches in 2019 and 2021, and waited more than two years to inform the victims, a new proposed federal class action alleged.
Lisa Smith alleged that Apria failed to implement adequate data-security practices for information that was a likely target for data thieves, and failed to properly monitor its network for intrusion.
Apria discovered the breaches in September 2021, but didn’t disclose them until May 22, 2023, in violation of state and federal breach-notification laws, according to a complaint ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.