What are the terms of the proposed settlement agreement?

A $115 million settlement fund will be established to pay claims for: (1) a minimum of two years of triple bureau credit monitoring and identity theft protection; (2) cash instead of credit monitoring for those who can show they already have a credit monitoring service that will cover them for the next year; (3) reimbursement of out-of-pocket costs traceable to the data breach.  In addition, the settlement fund will pay for fraud resolution services for any class members who accesses it during the pendency of the settlement, costs of notice and administration of the settlement, attorneys’ fees, and service awards to the named plaintiffs.

Under the terms of the settlement, Anthem will also enhance its information security practices to help protect the personal information stored on its databases from another cyberattack. This will include archiving databases with strict access controls and monitoring requirements, strengthening various data security controls, encrypting certain information, and guaranteeing a specified level of funding for Anthem’s information security.