Summary
In December of 2009, two laptops containing sensitive information were stolen from the health insurance provider AvMed's corporate headquarters, leading to a breach of 1.2 million customer records. Such data breaches often cause a significant amount of financial, reputational, and organizational hardship for companies. However, the ensuing class action legal battle from the AvMed case has set a new legal precedent for monetary reimbursement for breach victims. This outcome concerns all US organizations who store or process personally identifiable information (PII). In this report, we will discuss the relevant details of the AvMed case and what security and risk (S&R) pros should do (hint: encryption is only one part of the equation) to prevent their organizations from becoming embroiled in potentially costly breach litigation over the loss of PII.
- Stay ahead of changing market and customer dynamics with the latest insights.
- Partner with expert analysts to make progress on your top initiatives.
- Get answers from trusted research using Izola, Forrester's genAI tool.