- 1798.100 – Consumers right to receive information on privacy practices and access information
- 1798.105 – Consumers right to deletion
- 1798.110 – Information required to be provided as part of an access request
- 1798.115 – Consumers right to receive information about onward disclosures
- 1798.120 – Consumer right to prohibit the sale of their information
- 1798.125 – Price discrimination based upon the exercise of the opt-out right
April 23, 2021
USDC Northern District of California
Doe, et al.
Putative class action against a file transfer service provider and health care insurance provider. Defendants are alleged to have failed to protect sensitive personal and health information (including but not limited to names, home addresses, insurance ID numbers, social security numbers, health information, and medical history) of the health care insurance provider's members, resulting in access by unauthorized individuals. The data breach is alleged to have occurred on or about mid-December 2020 through January 2021. Members were notified of the data breach on or about March 24, 2021. Complaint alleges a violation of the CCPA §§ 1798.100, et seq.: failure to implement and maintain reasonable security procedures sufficient to prevent unauthorized access and disclosure of Plaintiffs' personal and health information. Plaintiffs also bring various claims for negligence, negligence per se, invasion of privacy, breach of confidence, and breach of contract.