SALEM PRINTING BUSINESS TO PAY $25,000 FOR IMPROPER DATA SECURITY PRACTICES AND DISPOSAL OF MEDICARE BENEFICIARY CARDS
BOSTON, Mass. - The United States has reached a settlement with a Salem printing business in connection with potential civil penalty claims under the False Claims Act.
United States Attorney Carmen M. Ortiz and J. Anthony Ogden, Inspector General of the United States Government Printing Office (GPO-OIG), announced today that PLASTILAM, INC., a printing business located in Salem, Mass., has reached a settlement with the Government, in connection with potential civil penalty claims under the False Claims Act, investigated by GPO-OIG and the U.S. Attorney’s Office.
Based upon facts developed in the course of the investigation, the United States contended that between August 2007 and August 2008, while working on a GPO contract to produce plastic Medicare beneficiary cards, PLASTILAM, INC. failed to take sufficient steps to safeguard confidential data, including the names and Social Security numbers of over 100 Medicare beneficiaries. The investigation revealed that a number of misprinted beneficiary cards were discarded, whole, in an unsecured dumpster. These cards were later scattered around a local park by area children before being recovered by local police.
PLASTILAM, INC. has agreed to pay $25,000 in settlement of the United States’ penalty claims, without admitting wrongdoing or liability. Based upon the Government’s investigation, it does not appear that any of the improperly safeguarded information was released deliberately, nor does it appear that any of the data was misused or stolen.
“We are committed to protecting the public by holding federal contractors who handle sensitive personal data, to the highest standards, “ said U.S. Attorney Ortiz. “Contractors who work with sensitive data must exercise vigilance in handling these materials. They must understand that even those data breaches are not due to deliberate misconduct, will be swiftly investigated and met with appropriate consequences.”
Inspector General Ogden said, “The GPO OIG takes seriously allegations of improper conduct by GPO contractors, especially those responsible for the handling and protection of sensitive information, such as citizens’ personally identifiable information (PII). I applaud the efforts of our investigators and the Department of Justice in bringing this matter to a meaningful resolution. While this is just one in a series of contract investigations our office is pursuing, this settlement should send a message that the breach of data security requirements and the compromise of PII will not be tolerated, and that we will hold accountable those administering and performing contracts for GPO.”
The investigation leading to the settlement was conducted by the Office of the Inspector General of the U.S. Government Printing Office. It was prosecuted by Assistant U.S. Attorney Zachary A. Cunha of Ortiz’s Civil Division.