Azura Vascular Care Agrees to $3.15 Million Data Breach Settlement
A settlement has been reached to resolve class action litigation against Fresenius Vascular Care, Inc., which does business as Azura Vascular Care. Azura Vascular Care is a Pennsylvania-based operator of 70 outpatient vascular centers and ambulatory surgery centers in 25 states and Puerto Rico. On October 9, 2023, Azura Vascular Care identified suspicious network activity, with the forensic investigation confirming that hackers had access to its network between September 27, 2023, and October 9, 2023, during which time they potentially stole the protected health information of patients.
The Azura Vascular Care data breach affected 348,000 patients and guarantors and involved information such as names, mailing addresses, dates of birth, contact information, emergency contact information, Social Security numbers, drivers’ license and state ID numbers, insurance information, diagnosis and treatment information, other information from medical or billing records, and guarantor information.
Legal action was taken against Azura Vascular Care over the data breach, with the plaintiffs alleging the defendants failed to implement reasonable and appropriate cybersecurity measures to prevent unauthorized access to its network and sensitive patient data. Azura Vascular Care denied and continues to deny any wrongdoing or liability; however, it chose to settle the lawsuit to prevent further legal costs and avoid the risks associated with continued litigation.
Under the terms of the settlement, a $3.15 million settlement fund will be created to cover claims from class members, attorneys’ fees, service awards for class representatives, and legal costs and expenses. Individuals who were sent a notification that they were affected by the data breach may submit a claim for reimbursement of documented losses incurred as a result of the data breach up to a maximum of $10,000.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Alternatively, class members may submit a claim for a cash payment, which will be paid pro rata once all claims have been paid, and attorneys’ fees and other costs have been deducted from the settlement fund. Azura Vascular Care has also implemented changes and enhancements to its data and information security program to better protect against cyberattacks and data breaches in the future. The cost of those upgrades is in addition to the settlement fund.
The deadline for objection to and exclusion from the settlement has passed. All claims must be submitted by or be postmarked by June 30, 2025. The settlement has received preliminary approval from the court, and the final approval hearing has been scheduled for June 16, 2025.
