developer settles security lawsuit for $294,000

A Florida company has agreed to pay nearly $300,000 to resolve allegations that it failed to secure personal information for a Florida children’s health insurance website that was hacked in 2020 for the data of 500,000 people.

On Tuesday, March 14, the U.S. Attorney’s Office for the Middle District of Florida announced that Jelly Bean Communications Design, LLC and its owner Jeremy Spinks have agreed to settle the claims for $293,771.

According to court records, the Florida Healthy Kids Corporation (FHKC) contracted Jelly Bean for website design, programming, and hosting services on October 31, 2013.

The FHKC is a state-created entity that offers health and dental insurance for Florida children between the ages of 5 and 18. The organization receives federal Medicaid funds and state funds to provide children’s health insurance programs.

The agreement required that Jelly Bean provide a fully functional hosting environment that complied with the protections for personal information required by the Health Insurance Portability and Accountability Act of 1996.

Jelly Bean, which was partially owned and operated by Spinks as the sole employee, agreed to adapt, modify, and create the necessary code on the webserver to support the secure communication of data as part of the agreement.

Between 2013 and 2020, Spinks created, hosted, and maintained for FHKC. As part of the website, Spinks created an online application through which parents and others entered data to apply for state Medicaid insurance coverage for children.

In early December 2020, more than 500,000 applications submitted through the website were revealed to have been hacked, potentially exposing the applicants’ personal identifying information and other data. The United States federal government alleged that Jelly bean was running multiple, outdated and vulnerable applications, including some software that had not been updated or patched since November 2013.

In response to the data breach and Jelly Bean’s cybersecurity failures, the website’s application portal was shut down in December 2020.

“Safeguarding patients’ medical and other personal information is paramount,” said U.S. Attorney Roger Handberg for the Middle District of Florida. “This settlement demonstrates the commitment by my office and our partners to use every available tool to protect Americans’ health care data.”

Most Popular

Star Wars, X-Men, Game of Thrones actors headline MegaCon Orlando this week

Multiple actors who have starred in the biggest film and television franchises in the world will make headline the return of MegaCon to Orlando this week.

73-year-old struck, killed while walking on Turnpike

A 73-year-old man was killed after he was struck and run over while he was attempting to cross the Florida Turnpike last night.

Brightline completes $100 million train facility near Orlando International Airport

Brightline has finished work on a $100 million train facility that brings Orlando International Airport one critical step closer to connecting trains across the region later this year.

JAM Hot, Chicken Fire, Stasio’s lead Orlando on Yelp’s Top 100 Restaurants in Florida

Twelve restaurants in the Orlando area were ranked among the top 100 establishments across the state of Florida.

Road rage shooting injures one in Winter Springs, police looking for suspect

Law enforcement authorities are asking the public for any information that may help them find the vehicle and person responsible for a road rage shooting that injured a man on Tuesday morning.

14-year-old accuses family friend of raping her at grandmother’s Osceola County residence

A 24-year-old man is being accused of having sex with a teenager at her grandmother's home in Osceola County.
broken clouds
77.3 ° F
80.1 °
73.9 °
53 %
75 %
79 °
83 °
85 °
92 °
90 °