Tricare Beneficiaries File Class Action Lawsuit Complaint Against Department of Defense and Tricare Over Alleged Data Breach.
A class action lawsuit has reportedly been filed against the United States Of America’s Defense Department and Tricare Health Management Activity (“Tricare”) in the United States District Court for the District of Columbia on behalf of Tricare beneficiaries whose records (including patient information including clinical notes, laboratory tests, prescriptions, diagnoses, treatment information, and provider names and locations) were allegedly on a computer tape that was allegedly stolen from a Science Applications International Corp. (“SAIC”) employee’s car in Texas, according to a DoD & Tricare SAIC Data Breach class action lawsuit news report.
If You Have Thoughts On The DoD & Tricare SAIC Data Breach Class Action Lawsuit, Share Your Class Action Comments Below.
1. Why was the info transported to an off-site location?
2. Why was it transported in a POV and not a company car?
3. Why were the tapes left unattended, out of the employee/s’ care?
4. Was the employee/s investigated as possibly having sold the info?
5. Were the tapes recovered?
6. If so, who had the tapes and are he/she/they being prosecuted?
7. If they are being prosecuted, what are the charges?
8. SAIC has some nerve not giving patients/victims the choice of what credit monitoring system to use. Instead, they want patient/victims using their company-owned credit monitoring which is ridiculous.
9. Why does SAIC have access to patient/s’ personal information anyway? I know that I didn’t sign a non-disclosure agreement to release my SSN to them. There was a situation in Oahu, Hawaii where
the govt had contracted to issue moving violations. Turns out they were in the wrong to allow release of SSN’s. Is that the case, as well, here?
This is not the first time that TRICARE information has been stolen. I would like to know what is being done about it and what those who have stolen the information are using it for. I am furious right now that this has happened to my family and me for the THIRD time!
The following is being done:
1) http://www.soldierfinance.com/2011/10/14/tricare-sued-data-loss-leads-to-4-9-billion-class-actions-lawsuit/
2) http://www.alertboot.com/blog/blogs/endpoint_security/archive/2011/12/13/data-encryption-saic-sued-over-tricare-breach.aspx
I ponder the same things. I have been asked various questions about my travel and working for two gov’ts since this.
Thisi s the second time my families personal helath information has been compromised under TRICARE and Companies being paid what I am sure are signficant amounts of money to use even minimal information security standards. I think SAIC should be required to pay every single person effected by this negligence the sume of five years worth of Identify Theft protection. This is paid directly to every person and not theft protection services. Until Companies are financially responsible to the individuals for careless information security practices, nothign will change. I am furious and would liek to know more about the employee who was responsible for the loss. How does anyone know this was a loss and not a setup to provide groups access to this information. The statement “cant be accessed becuase it requires special software….” is comical and no one effected should consider your information still secure.
I would like for someone to contact me with an attorney handling the class action. please. Thankyou.
Did you find anything out how to be a part of the lawsuit? This is our 2nd time having things lost/stollen from VA and Tricare.
Info on the Class Action Lawsuit:
http://www.alertboot.com/blog/blogs/endpoint_security/archive/2011/10/14/data-breach-cost-4-9-billion-for-tricare-breach-aka-1000-per-person.aspx
I too would like to know why my personal information was handed over to a contractor (SAIC). Not only does this threaten our identity and credit i.e. social security numbers, but what about HIPPA? I never signed documents allowing SAIC, it’s employees, or the thief to have access to my health information nor did my wife or kids. Also why is it that a letter from SAIC was sent to me and my wife, and not my kids as well? They all, including myself were seen in San Antonio from 1999-2003. There information was stolen too! In the credit monitoring letter from SAIC they want me to include my social security number on the credit monitoring form and mail it to them? They lost it once! I would also like to hear from the law firms handling these suits.
How would I join the class action lawsuit?
I think SAIC has demonstrated poor Quality Assurance with their procedures and internal controls. I have called the 855 number multiple times and gotten different information, conflicting information and technically incorrect information. Most recently I had a 3 way call with an SAIC person, myself and a representative from the 855 call center. The call center said that the tapes were encrypted and the SAIC VP told me that they weren’t.
Federal regulations require that sensitive data be encrypted when transported, SAIC states that their contract doesn’t require that they encrypt their data.
I’d like to know why DOD is exempt from Federal Law.
I’d like to know why SAIC is not doing a better job of quality control of their call center.
I’d like to know why SAIC is not be fined $25,000 for each record released as allowed by the HIPAA.
I’d like to know why DOD has only required SAIC to provide credit monitoring for 1 year (why only one year) and why not medical record monitoring (at least one other organization with a data breaches provided 2-years credit and medical record monitoring)
I’d like to know why the States haven’t filed suit against SAIC and DOD as permitted by law.
I’d like to know how my record was compromised since I had not been since in the Texas area and not the in South or West region in 22 years (which is beyond the 20 year window reported at risk).
I have had certifications in IT Security, HIPAA IT Security, 25 + years experience with medical information systems.
I would like to offer my assistance with the class action.
Call Richard Coffman 4098337700
Can you tell me where I can find out about all of the class action lawsuits being filed?
I have dealt with Tricare issues as a military spouse for over 10 years. It is hard to find a lawyer in Texas willing to sue Tricare. I have documented proof that they violated HIPPA with my records and repeatedly released them to my ex-husband, who is also military. If a lawyer reads this and wants a good, solid case they can contact me.
I have just gotten notification that my wife’s information was stolen. I am mad as hell and need a lawyer!
I just got the letter and yet this is the second time the military has had my information stolen from back up tapes/computers. This is absolutely crazy. Any information on joining in on the class action lawsuits-please let me know!
You are automatically included in the lawsuit if you have recieved a letter from SAIC or Tricare.
You also have the right to EXCLUDE yourself and sue on your own.
There is a lawyer in tx named richard coffman 4098337700. CALL HIM! because something needs to be done
This is a violation of HIPPA if they don’t have to pay then why do we have these regulations? I want to be part of the class action law suit we just received our letter today and thought it was a scam until I started to research it. Why on earth was a personal vehicle used and why was it left unattended…. Hello….. what were you thinking.
I have contacted my congressman, SAIC, Kroll, and I am researching if any of the major news agencies have covered this. I spoke with the lady from Kroll and asked why they are only monitoring one of the three credit agencies and she didn’t realize there were three agencies. What if it takes them a year to crack the data….what then? Is there a class action lawsuit on this? I believe that when information from 4.9 million people have been compromised there is a definite problem, especially when this has happened on multiple occasions.
I found the law firm that is handling the 4.9 billion dollar class action lawsuit. I believe the attorney’s name is David Watkins. They are asking for credit monitoring and 1,000 dollars for each person’s information that was compromised. To find out more about them or to contact them, I am including their website.
http://www.shulmanrogers.com/contact.html
Finally got letters for my daughters this week, but not for my son’s. Not hearing much more about this in the news. And I have not seen it in national news. You pretty much have to dig for information on this. I think TRICARE and SAIC are trying to keep this really quiet.
Last week, my husband received the letter from SAIC. I thought it was a hoax and ignored it. This week I received a letter addressed to me. I called Tricare and they referred me to SAIC at 855-366-0140. I asked why we were not notified by Tricare. The Tricare rep said that they have been told to refer beneficiaries to this number. I called the number and was told that the letter is legitimate. I could obtain more information on the Tricare website. I went to the Tricare website where news bulletins are posted about the theft. All this has been going on while proposals to increase Tricare fees are being considered. This is a travesty. In the private sector, large fines and lawsuits result from HIPAA violations. We need an organized effort to litigate this matter. I for one have had enough.
Well my friends i contacted the law firm thats handling the class action case and from what i was told they are currently only handling those in texas however if you live in another state such as i do he is currently collecting information based only on what he is told for example: i live in california i made a call to him and he was unaware that anybody who lived in california was affected and thus is making acception to texas and now i will be appointed as the representative of california for those of you who are affected and do currently live in california but you should absolutely contact him the info is
Richard Coffman: 409-833-7700
We also are in Ca and got letters about this.
i would highly recommend that you contact Richard Coffman’s firm and present your info so he can include you in the class act law suit
SAIC is not exempt from Federal law and this goes FAR beyond credit monitoring. I have been an IT security professional working as a contractor for years, and clearly SAIC and Tricare are both responsible.
The words NOT in my contract does not excuse SAIC for failing to follow specific laws. As a Certified Information System Security Professional (CISSP), I will be MORE then happy to help out the lawyers.
Based on the three notification letters my family and I received, it appears SAIC didn’t even encrypt the data (gross negligence with that many records). SAIC put some lame wording in their to cover up trying to obscure the fact that the data was NOT encrypted using a FIPS 140 approved algorythm.
Credit monitor cannot restore the potential harm or blackmail situations people could encounter with medical records being used against certain people.
Too many scenarios could come out of that nightmare… 🙁
This is a case of GROSS negligence and I encourage everyone to contact the lawyers.
Encourage everyone to spread the word and rally together.
Idiots! All of them! TMA/MHS/DHIMS and SAIC–especially SAIC! That SAIC employee should NEVER EVER be trusted with ANY information again for the rest of their irresponsible life! Also, the responsible parties, particularly SAIC and DHIMS, should pay punitive damages for their obvious attempts to minimize this loss and their intelligence insulting damage control efforts. This is nothing less than lies and cover-ups! Can you say H-I-P-P-A? Take some responsibility for your stupidity–and not just by offering some cheesy credit monitoriong service! Low risk my @**! Idiots!
To learn more about HIPPA, follow this link:
http://www.hhs.gov/ocr/privacy/
It is November 24th and I am just now hearing about this. The letter I received from SAIC, notifiing me of the breech, was dated November 15th. If this occured on September 14th why am I just getting notification two months later? What is a class action law suit going to do for the 4.9 million of us that now have to worry about our information being sold. Our names and adresses, with a list of the perscriptions we take, are out there somewhere. If this information is sold to the right people, it could be invaluable information to companies looking to hire people. So while there are things available to help protect you against identity theft, there is a lot of other information, now public, that you cannot do anything about.
Received my letter on Nov 26th! …. from a “civilian contractor?!!!.” Tricare never contacted me!!! Unbelievable.
Yes I would Like to be a part of the class action but seriously doubt any force can penetrate the DOD on such a large and dubious issue.
Considering the massive rash of catastrophic economic, and social national and global events, this could be but another financial scam?….or worse, a massive subversive action to harm the populous and conserve federal revenue and wealth. This seemingly places us even deeper in a panic to preserve our benefits, as many of us are not independently wealthy enough to pay out of pocket for our own health care. What I am suggesting is the fallout from this will not be better future protection from fraud and negligence save at the cost of continued cost of our exponentially declining privacy and freedoms. I got the letter for all three of my family members….my question is exactly how many people were affected? and how many will run to pay for something that should already be provided?…. and if they don’t pay how many will loose their identity and unrecoverable finances? either way, it results in a loss for the veterans AND there families. A win-win for the false (SAIC) mega corporation offering a false protection.
Ok, my husband and I spent ten years clearing our credit from our ex’s and we both have 3year old daughters. Now we finally have credit good enough to get a house and money in the bank to do it and guess what? We BOTH got a letter for each other! This is the LAST thing we need after spending 10 years busting our a** getting our credit clear and doing without in order to save!! I’m PO to say the least. We live in Virginia. I might not get but 3cents fom the suit, but how do I join to teach these idiots a lesson!?!
How does one go about joining the law suit? Do you forfeit the protection SAIC is providing for your credit records?
Any info would be great.
how do I join this?
TMA is responsible—
Received the SAIC letter in November for one of my four children. I called to activate the one year credit surveillance for her and specifically asked if any of my other family members effected. I was told definitively “no”.
A month later and yup, you guessed it, got three more of the exact same letter for my other three children, all minors.
One year is not sufficient compensation and SAIC has demonstrated to me they don’t have a firm handle on the breach. Absolutely astounded no accountability by TRICARE. This is why I am opposed to all the outsourcing over the last decade in DOD…Govt acts like they are no longer accountable to the people!\