Berry, Dunn, McNeil & Parker Agree to $7.25 Million Data Breach Settlement
Berry, Dunn, McNeil & Parker, LLC (BerryDunn) has agreed to settle a class action lawsuit that alleged negligence for failing to prevent a data breach that affected more than 1.1 million individuals. BerryDunn has agreed to establish a $7.5 million settlement fund to cover attorneys’ fees, legal costs, expenses, and claims from class members.
BerryDunn is a Portland, ME-based accounting and consultancy firm that provides services to several industries, including health data analytics services to healthcare providers, health insurers, and government regulatory and healthcare policy agencies. The BerryDunn Health Analytics Practice Group contracted with a managed service provider, Reliable Networks of Maine, to manage its systems, and was notified on September 14, 2023, that there had been a breach of its systems.
The investigation confirmed hackers had access to the personal and protected health information of 1,107,354 individuals, including their names, addresses, dates of birth, Social Security numbers, health insurance policy numbers, Medicare or Medicaid numbers, state or governmental ID numbers, passport numbers, and medical information. Notification letters were mailed to the affected individuals in April 2024 and complimentary credit monitoring and identity theft protection services were offered to those individuals.
Legal action was taken by individuals affected by the data breach and the lawsuits were consolidated into a single suit – In re: Berry, Dunn, McNeil & Parker Data Security Incident Litigation, in the U.S. District Court for the District of Maine. BerryDunn chose to settle the lawsuit with no admission of wrongdoing and liability to avoid the risks and costs associated with continuing the litigation.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Under the terms of the settlement, class members may submit a claim for up to $5,000 in reimbursement for documented losses incurred as a result of the data breach. Class members who did not incur any losses or who do not wish to submit a claim may choose to recent a cash payment of $100 which will be paid pro rata once costs, expenses, and claims have been deducted from the settlement fund. The cash payments may be higher or lower than $100 depending on the claims received. In addition to claim and cash payments, class members will receive 3 years of complimentary credit monitoring and identity theft protection services, valued at $270.
The settlement has received preliminary approval from the court and claims must be submitted by May 22, 2025. Individuals wishing to object to or exclude themselves from the settlement must do so by May 7, 2025. The final approval hearing has been scheduled for June 6, 2025.
