On Thursday, consumers in the New York federal court argued that the Blue Cross Blue Shield Association cannot escape the class action claims it faces over a health insurance data breach and must be held responsible for failing to protect sensitive information.
The BCBSA proposed a bid to shake the data breach claims against Excellus BlueCross BlueShield, which is one of its licensees. Customers fiercely criticized this bid, contending that Excellus had signed a contract promising health care to federal workers and it would ensure the protection of consumer information.
The proposed class-action lawsuits, which began after hackers gained access to about 10 million consumer records, alleging that the company "failed to protect customer information, waited too long to tell customers about the breach and did not give customers adequate information about how to protect themselves in the wake of the breach."
BCBSA moved to toss the data breach claims against it last month, arguing that it merely entered into the contract on behalf of independent insurance companies that it licenses the Blue Cross and Blue Shield marks too.
Faraci Lange partner Hadley L. Matarazzo, who represents the customers, told Law360 that "BCBSA, as sponsors and administers of a health plan for federal employees, made certain promises regarding data security that they failed to live up to."