Texas AG Settles With Pharmacy Company Over Identity Theft Charges
Texas Attorney General Greg Abbott announced an agreement with CVS Pharmacy Inc. that resolves the state’s April 2007 enforcement action against the nation’s largest retail pharmacy. CVS was charged with violating state laws that govern the disposal of customer records containing sensitive personal information.
Under an agreed final judgment obtained by the attorney general, CVS will overhaul its information security program. The program must be fully documented in writing and contain administrative, technical and physical safeguards designed to protect the personal information of CVS customers. CVS also will pay $315,000 to the State of Texas, which will be appropriated for the investigation and prosecution of other identity theft cases, pursuant to the Identity Theft Enforcement and Protection Act.
Under the agreement with the state, CVS must implement a new training program to inform its Texas employees about the company’s enhanced information security procedures. The employee training program must provide employees with a review of CVS’ privacy procedures and a review of state laws governing the disposal of customer records. The training program also must explain identity theft, its costs to individual consumers and businesses, and the importance of abiding by the company’s disposal program.
The Office of the Attorney General took legal action against the defendant after hundreds of documents containing customers’ personal information were unlawfully dumped behind a CVS store in Liberty, Texas. The investigation subsequently revealed numerous credit card receipts containing customers’ complete credit card numbers and expiration dates as well as a handful of prescription sleeves that included dates of birth, type of medicine prescribed, insurance company, and prescribing physician.
The AG’s office warned that although the investigation revealed no confirmed incidents of personal information being misused, consumers who interacted with CVS’ Liberty location should carefully monitor bank, credit card and any similar financial statements for evidence of suspicious activity.
Source: Texas Attorney General’s Office, www.texasattorneygeneral.gov
- PE Firm Cornell Sued Over $345 Million Instant Brands Dividend
- Allstate Thinking Outside the Cubicle With Flexible Workspaces
- Verisk: A Shift to More EVs on The Road Could Have Far-Reaching Impacts
- Fake Bear Attacks on Car for Fraudulent Insurance Claims Lead to Arrests