Data Breach Victims: What Recourse Do You Have?
Businesses and other organizations routinely collect stores of information about their customers, clientele and others they deal with. This data can include detailed personal and financial details that can be misused in the wrong hands. Despite an organization’s best efforts to keep this data secure, it can be hacked, stolen and otherwise released to unauthorized third parties. Such breaches can be severely harmful to a person whose privacy has been compromised. If you become a victim of a data breach, you need to know what potential consequences there are and what legal remedies you may have.
A data breach can often result in the use of the information for illicit purposes. In many instances, the confidential data is used to commit identity theft. That is, a criminal will use the information to open debt-based financial accounts in the victim’s name, such as credit cards, store charge cards and personal lines of credit. This usually impacts the victim’s creditworthiness. Since employment, business and housing opportunities also can depend on an individual’s credit rating, the effects of having credit downgraded can be financially or even professionally devastating. Even if there is no immediate impact of a data breach, the victim may remain disadvantaged for years into the future.
Victims of data breaches usually have one or more remedies for any resulting losses. A qualified data breach lawyer can fully assess your situation and explain your options.
Certain types of breaches are covered under various federal statutes. For example, the Health Insurance Portability and Accountability Act (HIPAA) makes medical providers, health insurance providers and other entities liable for breaches of protected health information. The Fair Credit Reporting Act (FCRA) places restrictions on collection and distribution of consumer credit information. However, there is currently no all-encompassing federal law that shields an individual’s private data.
A West Virginia statute prohibits the unauthorized disclosure of a person’s social security number, driver license or state identification number or financial account, credit card or debit card number in a way that might allow unauthorized access. An organization that experiences a data breach is required to send victims notice that a breach has occurred and provide basic details about the information disclosed. Failure to do so can expose the organization to penalties. The state attorney general generally has exclusive authority to take action against an offending organization for “willful and repeated” violations of the West Virginia privacy statute. Depending upon the nature of the case, a victim may have contractual or other remedies available as well.
The Giatras Law Firm, PLLC in Charleston represents data breach victims throughout West Virginia. If you or a family member has had privacy compromised, feel free to contact us online or call 888-819-1281 for a consultation.