VisionPoint Eye Center Data Breach Victims Benefit from $750,000 Settlement
A settlement has been agreed to resolve class action litigation against VisionPoint Eye Center over an October 2024 data breach that affected almost 67,000 individuals. VisionPoint Eye Center, an ophthalmology and optometry service provider in central Illinois, determined that an unauthorized third party gained access to its network on or around October 3, 2024, and potentially stole files containing patient data. Information potentially compromised in the incident included names, medical record numbers, health insurance information, and medical information. The data breach was reported to the HHS’ Office for Civil Rights as involving the protected health information of 66,924 individuals.
Five class action lawsuits were filed in response to the data breach, which claimed that VisionPoint Eye Center could have prevented the data breach if it had implemented reasonable and appropriate security measures and adhered to industry-standard security best practices. The lawsuits were consolidated into a single complaint – Davis, et al. v. VisionPoint Eye Center – in the Illinois Circuit Court of the Eleventh Judicial Circuit, County of McLean.
The consolidated lawsuit asserted claims of negligence, negligence per se, breach of fiduciary duty, breach of implied contract, unjust enrichment, and violations of the Illinois Consumer Fraud and Deceptive Business Practices Act. VisionPoint Eye Center denies all claims in the lawsuit, all liability, and any wrongdoing. After considering the likely cost of continuing with the litigation and the uncertainty of a trial, all parties agreed to settle the litigation. Class counsel and the class representatives believe that the negotiated settlement is in the best interests of all class members.
VisionPoint Eye Center will establish a $750,000 settlement fund to cover attorneys’ fees and expenses, notification and settlement administration costs, service awards for the 13 named plaintiffs, and benefits for the class members. Class members may claim two years of single-bureau credit monitoring services, plus one of two cash benefits. A claim may be submitted for reimbursement of documented, unreimbursed losses resulting from the data breach up to a maximum of $2,500 per class member. Alternatively, class members may claim a one-time cash payment, which is anticipated to be $45, but may be decreased on a pro rata basis, depending on the number of claims received.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The deadline for opting out of and objecting to the settlement is February 2, 2026, and the deadline for submitting a claim is March 3, 2026. The settlement has received preliminary approval from the court, and the final fairness hearing has been scheduled for March 2, 2026.
