Baltimore-based LifeBridge Health has agreed to pay $9.5 million to settle a lawsuit over a May 2018 data breach that compromised the protected health information of 530,000 patients, Top Class Action reported Oct. 3.
LifeBridge Health hasn't admitted any wrongdoing, but agreed to the settlement resolving allegations that it failed to protect patient information, as well as allegations suggesting that it could have prevented the data breach with reasonable cybersecurity measures.
The breach compromised information such as patient names, dates of birth, Social Security numbers and more.
Under the settlement, affected patients can receive reimbursement for lost time and other ordinary and extraordinary losses resulting from the data breach.
LifeBridge Health also agreed to invest $7.9 million to make cybersecurity improvements, which include encryption of sensitive data, tracking software for biomedical devices, network monitoring, regular maintenance, annual security training, enhanced account security, two-factor authentication and more.