The state of Mississippi is set to receive $1.45 million after being named a recipient in two separate multistate settlements.
Attorney General Lynn Fitch announced that the settlements include $1.4 million from health care clearinghouse, Inmediata, for exposing the protected health information (PHI) of approximately 1.5 million consumers for almost three years.
Mississippi will also be included in a $10 million settlement with payment processor ACI Worldwide for a testing error that led to the attempted unauthorized withdrawal of $2.3 billion from the accounts of 477,000 mortgage-holders’ personal bank accounts in 2021.
“With consumers increasingly conducting business online, it is critical that companies be vigilant and proactive in protecting individuals’ personal and financial information,” Fitch explained. “I am pleased that these companies have agreed to restore impacted consumers and strengthen their security and notification practices to prevent future exposure.”
Fitch joined 49 other attorneys general in reaching the settlement with ACI Worldwide after the error affected 2,833 Mississippians. The state will receive $47,836.78 from ACI’s settlement.
The settlement also requires ACI to take steps to avoid any future incidents, including the requirement to use artificially created data rather than real consumer data when testing systems or software, and a requirement ACI segregate any testing or development work from its consumer payment systems.
In addition to this settlement agreement with state attorneys general, 44 state regulating agencies, including Mississippi Department of Banking and Consumer Finance (DBCF), reached a separate $10 million settlement with ACI.
“DBCF remains committed to ensuring that nonbank financial service providers maintain strong reporting, risk management and compliance programs to effectively safeguard customer information,” Mississippi DBCF Commissioner Rhoshunda G. Kelly said.
Mississippians affected by ACI’s testing error can submit claim forms in connection with a class action settlement and must do so by November 13, 2023.
Fitch also jointed 32 other attorneys general in the settlement with Inmediata after the coding issue impacted 7,399 Mississippians.
Under the settlement, Inmediata will make a $1.4 million payment to states, including $19,882.40 to Mississippi.
Inmediata has agreed to strengthen its data security and breach notification practices going forward, including implementation of a comprehensive information security program with specific security requirements include code review and crawling controls, development of an incident response plan including specific policies and procedures regarding consumer notification letters, and annual third-party security assessments for five years.