All Posts By

admin

U.S. Justice Department Files Civil Complaint To Stop Tennessee Pharmacies’ Unlawful Dispensing Of Opioids

By | Business Fraud, False Claims Act Litigation

On February 8, 2019, the U.S. Department of Justice unsealed a civil complaint filed in the Middle District of Tennessee against two pharmacies, their owner, and three pharmacists, to stop them from dispensing controlled substance medications, including powerful opioids that have been linked to abuse and diversion.

The civil complaint alleges that the defendants were dispensing and billing Medicare for prescriptions in violation of the Controlled Substances Act and the False Claims Act. According to the United States’ complaint, the defendants’ unlawful dispensing of opioids has been tied to the deaths of at least two people and numerous others have been treated at hospitals for serious overdoses within a short time of obtaining controlled substances from the pharmacies.

The complaint alleges that the pharmacies and pharmacists filled numerous prescriptions for controlled substances outside the usual course of professional practice and in violation of the pharmacists’ corresponding responsibility to ensure that prescriptions were written for a legitimate medical purpose. Specifically, the complaint alleges that the defendants routinely dispensed controlled substances while ignoring numerous “red flags” or warning signs of diversion and abuse, such as unusually high dosages of oxycodone and other opioids, prescriptions for opioids and other controlled substances in dangerous combinations, and patients travelling extremely long distances to get and fill prescriptions. The complaint further asserts that the pharmacies falsely billed Medicare for illegally dispensed prescriptions.

A federal judge has already issued a temporary restraining order in the case, and the United States seeks civil monetary penalties and treble damages.

In announcing the unsealing of the complaint, one of the U.S. Attorneys assigned to the case stated, “The civil complaint unsealed today contains disturbing allegations of high-risk dispensing practices by the defendants. Given the national public health emergency resulting from the opioid crisis in our nation, the U.S. Attorney’s Office will use every resource at our disposal, including seeking injunctive relief and civil monetary penalties as we have here, to stop pharmacies and pharmacists from continuing to abuse their dispensing authority to fuel this epidemic.”

The Special Agent in Charge of DEA’s local Field Division stated, “The action supported today by the Drug Enforcement Administration should serve as a warning to those in the pharmacy industry who choose to put profit over customer safety. Pharmacists serve on the front lines of America’s opioid epidemic and they share responsibility with physicians to protect those whom they serve from the dangers associated with prescription medications. We will be vigilant in holding them accountable.”

Source

If you have information regarding false claims having been submitted to Medicare, Medicaid, TRICARE, other federal health care programs, or to other federal agencies/programs, and the information is not publically known and no actions have been taken by the government with regard to recovering the false claims, you should promptly consult with a False Claims Act attorney (also known as qui tam attorneys) in your U.S. state who may investigate the basis of your False Claims Act allegations and who may also assist you in bringing a qui tam lawsuit on behalf of the United States, if appropriate, for which you may be entitled to receive a portion of the recovery received by the U.S. government.

Email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find qui tam lawyers who may handle your False Claims Act matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Pathology Lab Settles False Claims Act Allegations For $63.5M

By | Business Fraud, False Claims Act Litigation, Qui Tam Lawsuits, Qui Tam Litigation, whistleblower lawyers

The U.S. Department of Justice announced on January 30, 2019 that pathology laboratory company Inform Diagnostics has agreed to pay $63.5 million to settle allegations that it violated the False Claims Act by engaging in improper financial relationships with referring physicians. Inform Diagnostics, formerly known as Miraca Life Sciences Inc., is headquartered in Irving, Texas, and was a subsidiary of Miraca Holdings Inc., a Japanese company, during the relevant period. In 2017, majority ownership of the company changed and the company was renamed.

The settlement resolves allegations that Inform Diagnostics violated the Anti-Kickback Statute and the Stark Law by providing to referring physicians subsidies for electronic health records (EHR) systems and free or discounted technology consulting services. The Anti-Kickback Statute and the Stark Law restrict the financial relationships that health care providers, including laboratories, may have with doctors who refer patients to them. Although regulations adopted by the Department of Health and Human Services (HHS) in 2006 included provisions that allowed laboratories to provide EHR donations to physicians under certain conditions, the United States alleged that Inform Diagnostics violated those conditions. HHS withdrew those exemptions for laboratories in 2013.

The allegations stem from three lawsuits that were filed under the qui tam, or whistleblower, provisions of the False Claims Act, which permit private citizens to bring suit on behalf of the United States for false claims and share in any recovery. The whistleblowers’ share of the settlement has not yet been determined.

In announcing the settlement, an Assistant Attorney General of the U.S. Department of Justice’s Civil Division stated, “The Department of Justice has longstanding concerns about improper financial relationships between health care providers and their referral sources because those relationships can alter a physician’s judgment about the patient’s true health care needs and drive up health care costs for everybody. In addition to yielding a substantial recovery for taxpayers, this settlement should deter similar conduct in the future and help make health care more affordable.”

The case was investigated by the Civil Division’s Commercial Litigation Branch, the U.S. Attorney’s Office for the Middle District of Tennessee, the U.S. Attorney’s Office for the Middle District of Florida, the Department of Health and Human Services Office of Inspector General, and the Federal Bureau of Investigation. The cases are captioned United States ex rel. Dorsa v. Miraca Life Sciences, Inc., Case No. 13-cv-1025 (M.D. Tenn.); United States ex rel. LPF, LLC v. Miraca Life Sciences, Inc., et al., 3:16-cv-1355 (M.D. Tenn.); and United States ex rel. Heaphy, et al. v. Miraca Life Sciences, Inc., 3:18-cv-1027 (M.D. Tenn.).

Source

If you have information regarding false claims having been submitted to Medicare, Medicaid, TRICARE, other federal health care programs, or to other federal agencies/programs, and the information is not publically known and no actions have been taken by the government with regard to recovering the false claims, you should promptly consult with a False Claims Act attorney (also known as qui tam attorneys) in your U.S. state who may investigate the basis of your False Claims Act allegations and who may also assist you in bringing a qui tam lawsuit on behalf of the United States, if appropriate, for which you may be entitled to receive a portion of the recovery received by the U.S. government.

Email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find qui tam lawyers who may handle your False Claims Act matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Illinois Supreme Court Holds Aggrieved Person Under Biometric Information Privacy Act Need Not Show Actual Injury

By | Business Litigation, Class Action Lawsuits, Data Breach

The Supreme Court of the State of Illinois (“Illinois Supreme Court” ) held in its opinion filed on January 25, 2019 that an individual need not allege some actual injury or adverse effect, beyond violation of his or her rights under the Biometric Information Privacy Act (“Act”) (740 ILCS 14/1 et seq. (West 2016)), in order to qualify as an “aggrieved” person and be entitled to seek liquidated damages and injunctive relief pursuant to the Act.

The Act was enacted in 2008 to help regulate “the collection, use, safeguarding, handling, storage, retention, and destruction of biometric identifiers and information.” § 5(g). The Act defines “biometric identifier” to mean “a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.” § 10. “Biometric information” means “any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual.”

The Act imposes numerous restrictions on how private entities collect, retain, disclose and destroy biometric identifiers. Section 15 of the Act (§ 15) imposes on private entities various obligations regarding the collection, retention, disclosure, and destruction of biometric indentifiers and biometric information. Among these is the following:  (b) No private entity may collect, capture, purchase, receive through trade, or otherwise obtain a person’s or a customer’s biometric identifier or biometric information, unless it first: (1) informs the subject or the subject’s legally authorized representative in writing that a biometric identifier or biometric information is being collected or stored; (2) informs the subject or the subject’s legally authorized representative in writing of the specific purpose and length of term for which a biometric identifier or biometric information is being collected, stored, and used; and (3) receives a written release executed by the subject of the biometric identifier or biometric information or the subject’s legally authorized representative.

Under the Act, any person “aggrieved” by a violation of its provisions “shall have a right of action *** against an offending party” and “may recover for each violation” the greater of liquidated damages or actual damages, reasonable attorney fees and costs, and any other relief, including an injunction, that the court deems appropriate. § 20.

In the case the Illinois Supreme Court was deciding,  Six Flags Entertainment Corporation and its subsidiary Great America LLC (“defendants”) own and operate the Six Flags Great America amusement park in Gurnee, Illinois. Defendants sell repeat-entry passes to the park. Since at least 2014, defendants have used a fingerprinting process when issuing those passes. The defendants’ system scans pass holders’ fingerprints; collects, records and stores ‘biometric’ identifiers and information gleaned from the fingerprints; and then stores that data in order to quickly verify customer identities upon subsequent visits by having customers scan their fingerprints to enter the theme park, making entry into the park faster and more seamless, maximizing the time pass holders are in the park spending money, and eliminating lost revenue due to fraud or park entry with someone else’s pass.

The plaintiff’s 14-year-old son visited defendants’ amusement park on a school field trip in May or June 2014, while the fingerprinting system was in operation. The plaintiff purchased a season pass for her son online. The plaintiff paid for the pass and provided personal information about her son, but he had to complete the sign-up process in person once he arrived at the amusement park. The process involved two steps. First, the plaintiff’s son went to a security checkpoint, where he was asked to scan his thumb into defendants’ biometric data capture system. After that, he was directed to a nearby administrative building, where he obtained a season pass card. The card and his thumbprint, when used together, enabled him to gain access as a season pass holder.

The plaintiff’s class-action complaint alleged that neither the plaintiff nor her minor son were informed in writing or in any other way of the specific purpose and length of term for which his fingerprint had been collected. Neither of them signed any written release regarding taking of the fingerprint, and neither of them consented in writing “to the collection, storage, use sale, lease, dissemination, disclosure, redisclosure, or trade of, or for [defendants] to otherwise profit from, [the son’s] thumbprint or associated biometric identifiers or information.”

The defendants argued, and the intermediate appellate court agreed,  that  a plaintiff is not “aggrieved” within the meaning of the Act and may not pursue either damages or injunctive relief under the Act based solely on a defendant’s violation of the statute. Additional injury or adverse effect must be alleged. The injury or adverse effect need not be pecuniary, the appellate court held, but it must be more than a “technical violation of the Act.”

The Illinois Supreme Court stated that through the Act, the Illinois General Assembly has codified that individuals possess a right to privacy in and control over their biometric identifiers and biometric information. The duties imposed on private entities by section 15 of the Act regarding the collection, retention, disclosure, and destruction of a person’s or customer’s biometric identifiers or biometric information define the contours of that statutory right. The Illinois Supreme Court held that accordingly, when a private entity fails to comply with one of section 15’s requirements, that violation constitutes an invasion, impairment, or denial of the statutory rights of any person or customer whose biometric identifier or biometric information is subject to the breach. Such a person or customer would clearly be “aggrieved” within the meaning of section 20 of the Act and entitled to seek recovery under that provision (a person is prejudiced or aggrieved, in the legal sense, when a legal right is invaded by the act complained of or his pecuniary interest is directly affected by the decree or judgment.). No additional consequences need be pleaded or proved. The violation, in itself, is sufficient to support the individual’s or customer’s statutory cause of action.

Source

If your business is presently or may soon be involved in litigation in the United States, email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find business litigation contingency lawyers who may handle your business litigation matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Facebook Alleged To Have Promoted “Friendly Fraud” Through Children’s Games

By | Business Fraud, Business Litigation, Class Action Lawsuits

The Center for Investigative Reporting (“Reveal”) announced on January 24, 2019 in an article entitled, “Facebook knowingly duped game-playing kids and their parents out of money” that “Facebook orchestrated a multiyear effort that duped children and their parents out of money, in some cases hundreds or even thousands of dollars, and then often refused to give the money back, according to court documents unsealed” that span from 2010 to 2014.

Reveal analyzed more than 135 pages of documents that were recently unsealed as part of a class-action lawsuit focused on how Facebook allegedly targeted children in an effort to expand revenue for online games, such as Angry Birds, PetVille and Ninja Saga. The unsealed documents include internal Facebook memos, secret strategies, and employee emails that Reveal describes as painting a troubling picture of how the social media giant conducted business.

Reveal describes how Facebook encouraged game developers to let children spend money without their parents’ permission – something the social media giant called “friendly fraud” – in an effort to maximize revenues (“friendly fraud” is the term Facebook used when children spent money on games without their parents’ permission). Sometimes the children did not even know they were spending money but Facebook employees knew it: their own reports allegedly showed underage users did not realize their parents’ credit cards were connected to their Facebook accounts and they were spending real money in the games.

Reveal claims that Facebook denied requests for refunds when parents found out how much their children had spent (a child could spend hundreds of dollars a day on in-game features such as arming their character with a flaming sword or a new magic spell to defeat an enemy, even if they did not realize it until their parents received their credit card bills) and that Facebook employees referred to these children as “whales” – a term borrowed from the casino industry to describe profligate spenders.

Facebook reportedly had analyzed data on game revenue from children for the time period from October 12, 2010 through January 12, 2011 and found that children had “spent a whopping $3.6 million” during the three-month period. Facebook also found that more than 9 percent of the money it made from children was being clawed back by the credit card companies (the average chargeback rate for businesses is 0.5 percent, according to the Merchant Risk Council; the Federal Trade Commission said in an unrelated fraud case in 2016 that a 2 percent chargeback rate was a “red flag” of a “deceptive” business).

Facebook reportedly found that with regard to the Angry Birds game, about 93 percent of the time the refunds were a result of credit card holders not realizing the game was charging their account (Facebook found that the average age of those playing Angry Birds was 5). Reveal stated that rather than trying to stop children from making costly mistakes, a Facebook internal memo entitled “Friendly Fraud – what it is, why it’s challenging, and why you shouldn’t try to block it” stated that developers should just give free virtual items to users who complain, things such as flaming swords, extra lives and other in-game enhancements – this was better than refunding money to kids because, as the Facebook employee said in her message, “Virtual goods bear no cost.”

Facebook released the following statement in response to Reveal’s request for an interview:

“We were contacted by the Center for Investigative Reporting last year, and we voluntarily unsealed documents related to a 2012 case about our refund policies for in-app purchases that parents believe were made in error by their minor children. We intend to release additional documents as instructed by the court. Facebook works with parents and experts to offer tools for families navigating Facebook and the web. As part of that work, we routinely examine our own practices, and in 2016 agreed to update our terms and provide dedicated resources for refund requests related to purchased made by minors on Facebook.”

Source

If your business is presently or may soon be involved in litigation in the United States, email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find business litigation contingency lawyers who may handle your business litigation matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Security Breaches And Data Dumps

By | Cyber Security, Data Breach

A cybersecurity researcher has revealed in his blog a data breach made up of many different individual data breaches from thousands of different sources that consists of a set of email addresses and passwords totaling 2,692,818,238 rows, which he has designated as “Collection #1,” containing 772,904,991 unique email addresses along with 21,222,975 unique passwords.

The cybersecurity blogger cited a large collection of files on the popular cloud service, MEGA, which totaled over 12,000 separate files and more than 87GB of data.

Source

The Collection #1 data reportedly was first posted to underground forums in October 2018 and is just a subset of a much larger tranche of passwords being sold online for $45.00 by a seller who self-identifies as “Sanixer.” Sanixer reportedly admits that Collection #1 was at least 2 to 3 years old and is a mix of “dumps and leaked bases.” However, he allegedly offers for sale other “password packages” that total more than 4 terabytes in size and are less than one year old.

A cybersecurity expert states that a core reason so many accounts get compromised is that far too many people choose poor passwords, re-use passwords and email addresses across multiple sites, and are not taking advantage of multi-factor authentication options when they are available. The cybersecurity expert recommends instead of thinking about passwords, consider using unique, lengthy passphrases — collections of words in an order you can remember — when a site allows it. In general, a long, unique passphrase takes far more effort to crack than a short, complex one.

The cybersecurity expert suggests that if you are the type of person who likes to re-use passwords, then you definitely need to be using a password manager, which helps you pick and remember strong and unique passwords/passphrases and essentially lets you use the same strong master password/passphrase across all Web sites.

The cybersecurity expert further suggests that you go to twofactorauth.org and to see if you are taking full advantage of multi-factor authentication at sites you trust with your data. Multi-factor authentication helps because even if hackers manage to guess or steal your password just because they hacked some Web site, that password will be useless to them unless they can also compromise that second factor — be it your mobile device or security key.

Source

If your business suffered financial or other significant harm due to a cybersecurity breach in  the United States, email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to discuss whether your cyber security breach matter may be appropriate to be handled on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

U.S. Announces $269.2 Million Settlement With Walgreens In Two Civil Healthcare Fraud Lawsuits

By | Business Fraud, False Claims Act Litigation, Qui Tam Lawsuits, Qui Tam Litigation, whistleblower lawyers

The Department of Justice U.S. Attorney’s Office Southern District of New York (Manhattan U.S. Attorney) announced on January 22, 2019 that the United States filed and settled two healthcare fraud lawsuits against national pharmacy chain Walgreens Boots Alliance, Inc. (“Walgreens”) in which Walgreens must pay the United States and state governments a total of $269.2 million.

First Settlement – Insulin Pens

The U.S. alleged that Walgreens routinely submitted false days-of-supply data to federal healthcare programs when it sought federal reimbursement for insulin pens it dispensed to federal beneficiaries who did not need them. The U.S. alleged that Walgreens engaged in two practices that resulted in the fraudulent submissions: Walgreens configured its electronic pharmacy management system to prevent its pharmacists from dispensing less than a full box of five insulin pens, even when patients did not need that much insulin; and when a full box of insulin pens exceeded the federal healthcare program’s limit on the total days of supply (i.e., the total number of daily doses) that could be dispensed and reimbursed at that time, Walgreens allegedly evaded this restriction by falsely stating in its reimbursement claims that the total days of supply did not go over the limit. The U.S. contended that as a result, federal healthcare programs paid Walgreens millions of dollars for insulin that many beneficiaries did not actually need, and substantial quantities of valuable medication were wasted. The U.S. alleged that this conduct also opened the door to potential healthcare risks and abuse, such as the improper resale of insulin pens on the Internet.

The settlement requires Walgreens to pay approximately $168 million to the U.S., and Walgreens agreed separately to pay approximately $41.2 million to state governments. The settlement was approved on January 16, 2019 by a federal judge and was unsealed on January 22, 2019.

Second Settlement – Discount Drug Pricing

The U.S. alleged that Walgreens operated a program called the Prescription Savings Club (“PSC”) under which customers received discounts when they ordered drugs from Walgreens. Medicaid regulations required Walgreens to seek Medicaid reimbursement only at the lowest of certain drug price points, including the “usual and customary price” (“U&C price”). Medicaid rules of many states defined the U&C price as the price offered through discount programs like the PSC. Contrary to these requirements, Walgreens allegedly did not disclose to Medicaid the discount drug prices it offered customers through the PSC when it sought reimbursement from Medicaid. As a result, Medicaid programs paid Walgreens more in reimbursements than it would have paid had Walgreens disclosed the lower PSC prices.

The settlement requires Walgreens to pay a total of $60 million, of which approximately $32 million is to the United States and approximately $28 million will go to state governments. The second settlement was approved on January 15, 2019 by a federal judge and was also unsealed on January 22, 2019.

In both settlements, Walgreens admitted and accepted responsibility for conduct the U.S. alleged in its complaints under the False Claims Act. Both cases arose from lawsuits filed by whistleblowers under the False Claims Act.

Source

If you have information regarding false claims having been submitted to Medicare, Medicaid, TRICARE, other federal health care programs, or to other federal agencies/programs, and the information is not publically known and no actions have been taken by the government with regard to recovering the false claims, you should promptly consult with a False Claims Act attorney (also known as qui tam attorneys) in your U.S. state who may investigate the basis of your False Claims Act allegations and who may also assist you in bringing a qui tam lawsuit on behalf of the United States, if appropriate, for which you may be entitled to receive a portion of the recovery received by the U.S. government.

Email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find qui tam lawyers who may handle your False Claims Act matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Two Ukrainian Nationals Indicted For Hacking EDGAR Reports

By | Data Breach

The U.S. Attorney’s Office for the District of New Jersey announced on January 15, 2019 that two Ukrainian men have been charged for their roles in a large-scale, international conspiracy to hack into the Securities and Exchange Commission’s (SEC) computer systems and profit by trading on critical information they stole.

The 16-count indictment alleges that from February 2016 to March 2017, the defendants and others conspired to gain unauthorized access to the computer networks of the SEC’s Electronic Data Gathering, Analysis and Retrieval (EDGAR) system, which is used by publicly traded companies to file required disclosures, such as annual and quarterly earnings reports. These filings contained detailed information about the financial condition and operations of the companies, including their earnings. Such information can, and often does, affect the stock price of the companies when it is made public, and is therefore highly confidential prior to its disclosure to the general public.

The EDGAR system allows companies to make test filings in advance of a public filing. These test filings often contain information that is the same or similar to the information in the final filing. The defendants allegedly stole thousands of test filings before they were released to the public, and sought to profit from their theft by using the information in the test filings to trade before the investing public learned the information.

The indictment alleges that in order to gain access to the SEC’s computer networks, the defendants used a series of targeted cyber-attacks, including directory traversal attacks, phishing attacks, and infecting computers with malware. Once the defendants had access to the test filings on the EDGAR system, they allegedly stole them by copying the test filings to servers they controlled. For example, between May 2016 and October 2016, the defendants extracted thousands of test filings from the EDGAR servers to a server they controlled in Lithuania.

The wire fraud conspiracy and substantive wire fraud counts with which the defendants are charged carry a maximum potential penalty of 20 years in prison and a $250,000 fine, or twice the gain or loss from the offense. The securities fraud conspiracy, computer fraud conspiracy, and substantive computer fraud counts with which the defendants are charged carry a maximum potential penalty of five years in prison and a $250,000 fine, or twice the gain or loss from the offense.

Source

If your business is presently or may soon be involved in data breach litigation in the United States, email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find business litigation contingency lawyers who may handle your data breach litigation matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Massachusetts Strengthens Its Data Breach Law By Adding Amendments

By | Cyber Security, Data Breach

Massachusetts Governor Charlie Baker signed a new law on January 10, 2019  that significantly amends and strengthens Massachusetts’ data breach notification law when it becomes effective on April 11, 2019.

A new requirement requires an offer of complimentary credit monitoring for a period of not less than 18 months when the data security breach involves a Massachusetts resident’s Social Security number. The new law requires that a person who experienced a breach of security that involves a resident’s Social Security number to “file a report with the attorney general and the director of consumer affairs and business regulation certifying their credit monitoring services comply with” the new requirement to offer complimentary credit monitoring services for a period of not less than 18 months. If the breach happened at a credit monitoring agency, the agency would have to provide three-and-a-half years of free monitoring.

The new law (i.e., amendments to the existing law) requires a rolling notification to individuals under certain circumstances (“A notice provided pursuant to this section shall not be delayed on grounds that the total number of residents affected is not yet ascertained. In such case, and where otherwise necessary to update or correct the information required, a person or agency shall provide additional notice as soon as practicable and without unreasonable delay upon learning such additional information.” ). The amended law also requires that the notice to individuals must identify the name of the parent or affiliated corporation if the organization that experienced a breach of security is owned by another person or corporation.

The amended law includes a new requirement to inform the state regulators “whether the person or agency maintains a written information security program.” Massachusetts regulations currently require “[e]very person that owns or licenses personal information about a resident of the Commonwealth [to] develop, implement, and maintain a comprehensive information security program.” 201 CMR § 17.03(1).

Credit reporting agencies will be required to provide a “security freeze” free of charge when a consumer requests it, and third parties to gain consumers’ written consent before obtaining credit reports for non-credit purposes. If someone requests a credit freeze from one credit agency, that agency would be required to tell them how to contact the other major credit agencies.

Upon request, a credit agency would be required to disclose what is in someone’s credit history and who the agency has provided a credit report to within the past six months, and up to two years for employment purposes.

A credit agency could not charge more than $8 for a copy of a credit report and could not charge at all if someone were turned down for a job, home rental or insurance due to poor credit during the past 60 days. The law sets out rules for disputing credit reports.

In signing the amendments into law, the Massachusetts Governor stated, “The improvements made to Massachusetts laws in this legislation are necessary to protect consumers from the consequences of data breaches that could expose personal information and to give consumers more control over their data and how it is used.”

Source

If your business is presently or may soon be involved in data breach litigation in the United States, email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find business litigation contingency lawyers who may handle your data breach litigation matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Massachusetts Data Breach Law

By | Cyber Security, Data Breach

The Massachusetts Data Breach Notification Law requires businesses and others that own or license personal information of residents of Massachusetts to notify the Office of Consumer Affairs and Business Regulation and the Office of Attorney General when they know or have reason to know of a breach of security. They must also provide notice if they know or have reason to know that the personal information of a Massachusetts resident was acquired or used by an unauthorized person, or used for an unauthorized purpose. In addition to providing notice to government agencies, they must also notify the consumers whose information is at risk.

Definition Of Data Breach

A data breach is the unauthorized acquisition or use of sensitive personal information that creates a substantial risk of identity theft or fraud. Data breaches can be the result of criminal cyber-activity, such as hacking or ransomware, or because of employee error, such as emailing information to the wrong person.

Definition Of Personal Information

The law defines personal information as a resident’s first name and last name or first initial and last name in combination with any 1 or more of the following data elements that relate to such resident:

(a) Social Security number;

(b) driver’s license number or state-issued identification card number; or

(c) financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident’s financial account.

Personal information does not include information that can be legally obtained from publicly available sources, such as addresses or birthdays.

Requirements For Reporting Data Breach

Within a reasonable amount of time after either the discovery of a breach or knowledge that personal information was obtained, the business or entity that was breached must notify both the Office of Consumer Affairs and Business Regulation and the Attorney General’s Office of the breach.

The notification must include:

  • A detailed description of the nature and circumstances of the breach of security or unauthorized acquisition or use of personal information;
  • The number of Massachusetts residents affected as of the time of notification;
  • The steps already taken relative to the incident;
  • Any steps intended to be taken relative to the incident subsequent to notification; and
  • Information regarding whether law enforcement is engaged investigating the incident.

Some data breaches are a result of a breach from a third-party vendor or other entity. For example, in addition to the regular reporting requirements, the law also requires financial institutions to report when a debit or credit card they issue is compromised. This means a breach may have occurred at a retailer but if the consumer used their bank issued card, the financial institution reports the breach as well.

Source

If your business is presently or may soon be involved in data breach litigation in the United States, email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find business litigation contingency lawyers who may handle your data breach litigation matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation

Over $2.8 Billion Recovered From False Claims Act Cases In Fiscal Year 2018

By | Business Fraud, False Claims Act Litigation, Qui Tam Lawsuits, Qui Tam Litigation, whistleblower lawyers

The U.S. Department of Justice announced on December 21, 2018 that the Department obtained more than $2.8 billion in settlements and judgments from civil cases involving fraud and false claims against the government in the fiscal year ending September 30, 2018.  Recoveries since 1986, when Congress substantially strengthened the civil False Claims Act, now total more than $59 billion.

Of the $2.8 billion in settlements and judgments recovered by the Department of Justice this past fiscal year, $2.5 billion involved the health care industry, including drug and medical device manufacturers, managed care providers, hospitals, pharmacies, hospice organizations, laboratories, and physicians.  This is the ninth consecutive year that the Department’s civil health care fraud settlements and judgments have exceeded $2 billion.  The recoveries included in the $2.5 billion reflect only federal losses but, in many of these cases, the Department was instrumental in recovering additional millions of dollars for state Medicaid programs.

In addition to combating health care fraud, the False Claims Act serves as the government’s primary civil remedy to redress false claims for federal funds and property involving a multitude of government operations and contracts.  These areas range from defense and national security to import tariffs and small business programs.

In 1986, Congress strengthened the Act by increasing incentives for whistleblowers to file lawsuits alleging false claims on behalf of the government.  These whistleblower, or qui tam, actions comprise a significant percentage of the False Claims Act cases that are filed.  If the government prevails in a qui tam action, the whistleblower, also known as the relator, receives up to 30 percent of the recovery.  Whistleblowers filed 645 qui tam suits in fiscal year 2018.

Of the $2.8 billion in settlements and judgments reported by the government in fiscal year 2018, over $2.1 billion arose from lawsuits filed under the qui tam provisions of the False Claims Act.  During the same period, the government paid out $301 million to the individuals who exposed fraud and false claims by filing these actions.

Source

If you have information regarding false claims having been submitted to Medicare, Medicaid, TRICARE, other federal health care programs, or to other federal agencies/programs, and the information is not publically known and no actions have been taken by the government with regard to recovering the false claims, you should promptly consult with a False Claims Act attorney (also known as qui tam attorneys) in your U.S. state who may investigate the basis of your False Claims Act allegations and who may also assist you in bringing a qui tam lawsuit on behalf of the United States, if appropriate, for which you may be entitled to receive a portion of the recovery received by the U.S. government.

Email us at info@businesslitigationcontingencylawyers.com or telephone us toll-free in the United States at 800-756-2143 to find qui tam lawyers who may handle your False Claims Act matter on a contingency basis.

BusinessLitigationContingencyLawyers.com – The Practical Solution For Business Litigation