Phoenix-based Banner Health will pay $8.9 million to end claims from a 2016 data breach that exposed personal information of 2.9 million patients, according to Bloomberg Law.
A federal judge in Arizona on April 21 approved the settlement, which was reached in December. The settlement will pay each patient that is covered by the class action $500 and up to $2.9 million to the plaintiffs' attorneys.
"We are pleased to resolve this matter and will continue to work diligently in the best interests of our patients, employees and physicians," Becky Armendariz, senior director of marketing and public relations at Banner Health, said in an emailed statement to Becker's Hospital Review.
Banner Health on Feb. 10 began notifying people who were impacted by the cyberattack of a proposed class action settlement, Ms. Armendariz said. Banner Health's computer systems were compromised by a cyberattack in June and July of 2016. The unauthorized third party was able to view patient information including Social Security numbers, patient data and payment data.
Since the cyberattack, Banner Health notified impacted individuals, conducted an investigation and implemented safeguards to help prevent a similar incident from occurring again, according to Ms. Armendariz.
The health system created a website for anyone who was previously sent a notification that their personal information may have been compromised to learn more about the settlement and make a claim.