Walgreens has been ordered to pay an Indiana woman $1.4 million in damages, all because one of its pharmacists made some poor decisions while caught up in a love triangle. Walgreens appealed the judgment, which an Indiana judge denied Nov. 14, confirming Walgreens’ negligence in the case.
The summary of events in Judge John Baker’s opinion reads like the plot of a bad soap opera. It starts with Abigail Hinchy (the plaintiff) and her on-again off-again boyfriend Davion Peterson: Hinchy gave birth to Peterson’s son in 2010, but at some point in 2009, Peterson started dating Audra Withers, a Walgreens pharmacist. Throughout her relationship with Peterson, Hinchy filled all her prescriptions at a Walgreens pharmacy, meaning Withers had access to her information.
When the case was tried in front of a jury, evidence showed Withers obtained Hinchy’s private health information and Social Security number, which she shared with Peterson. Peterson then shared the info with at least three other people. The jury found Walgreens vicariously liable for the breach, because it was negligent in training Withers to understand her role in keeping health records confidential, and Withers was “acting in the course of her employment” when she took Hinchy’s data.
“When you’re talking about protected medical history, we’re not talking about a selfie, we’re really talking about something very serious,” said Adam Levin, identity theft expert and chairman and co-founder of Credit.com. “There’s an enormous amount of information there that can be used to commit financial crimes.”
In this case, a Social Security number was compromised in addition to sensitive medical information. That’s a scary thought considering a Social Security number can be used to apply for credit in your name, access other medical records, file for a tax refund, and steal a person’s identity. If you’re worried your Social Security number has been compromised, you should monitor your credit regularly for signs of fraud. You can get copies of your credit reports for free once a year, and you can check your credit scores for free every month on Credit.com.
Employees like Withers are often the weak link in company data breaches.
“You can’t stop someone from doing something stupid, but unfortunately, doing something stupid can impact an entire organization,” Levin said.
Walgreens spokesman Phil Caruso told Credit.com that the company plans to appeal the decision.
More on Data Privacy:
- Identity Theft: What You Need to Know
- 3 Dumb Things You Can Do With Email
- How Credit Impacts Your Day-to-Day Life