Not sure if you can sue, how ever you might want to look into the HIPPA law, which prohibits the disclosure of any personal information to any third party including a spouse.
You can get more info on www.lawexpert.com
2007-02-05 17:59:46
·
answer #1
·
answered by RSB 2
·
0⤊
0⤋
There are many laws that mandate information protection, and more than a few that punish breaches. Even general negligence law can be, and has been used to sue those who fail to take reasonable steps to protect confidential information. The problem with all of these laws is the fact that an affected person or regulatory agency must first find out that there has been a breach or deficiency, and then take some kind of regulatory action. Sure an IT security audit or other regulatory inspection might result in an enforcement action, or a hacker might choose to publicize the fact that they got in. But such circumstances are rare. More often than not, a company discovers either a vulnerability or an exploit, and as part of their incident response plan either corrects the problem or takes Herculean efforts to sweep it under the rug. interagency guidelines announced in March of 2005 by the Treasury Department would mandate that all regulated financial institutions have in place information response programs which include incident assessment procedures, identification of potential customer information that may have been accessed or misused, notifying not only the Treasury Department's Financial Crimes Enforcement Network, but also notifying the financial institution's federal regulator and law enforcement agencies. The guidance also notes that when a financial institution becomes aware of an incident of unauthorized access to sensitive customer information, the institution must conduct an investigation and if it appears likely that the information may be misused, it should "notify the affected customer as soon as possible." The law does allow notification to be delayed upon a written request by an appropriate law enforcement agency. If you can't determine whose information was affected by the breach, essentially you have to notify everybody whose information might have been compromised and which might reasonably be misused. The federal law requires not only notice but notice as part of an overall response program. It requires securing the data and preserving evidence relating to the incident as part of corrective measures to mitigate harm to the customers. Like the California law it only requires notice if a customer's name, address or telephone number in conjunction with their social security number, drivers license number, credit or debit card number or PIN or password or a combination of these that would allow unauthorized access to the customer's account. This does not require the entity that suffered the breach to help their customers resolve all their newfound issues. In other words, they don't have to put the customers on the credit fraud watch list (or even offer to do so), give their customers free credit reports, or even to pay the costs of unauthorized charges, account access, or the opening of new accounts resulting from the breach to their systems. We rely on the ordinary civil litigation system to achieve that result. Thus, your financial institution may simply tell you "Good morning -- your account has been compromised, and you are screwed -- have a nice day" and they will have complied with the law.
There's a case where a judge ruled that Wells Fargo should not be penalized for a data breach because there was no evidence that those who acquired the data had done anything criminal with it. This seemed like poor reasoning; Wells Fargo had no control whether anyone would use the data in a criminal manner, but it did have control over how it stored the data. In that case, data was lost because it was stored in an unencrypted format on a laptop. Arguably this was negligent but the line of reasoning is becoming standard. Another suit brought against data broker Axciom for letting customer data slip out was dismissed since the plaintiffs couldn't prove that anything bad had been done with it.
2007-02-06 02:24:56
·
answer #2
·
answered by JFAD 5
·
0⤊
0⤋
If it was shared with other bank employees usually you cannot do much except complain to the bank manager. If they are giving it out to other clients then they are in big trouble call an attorney -- go to lawguru.com - they have a forum that you can ask questions and an attorney will respond (in most cases). Worth a try though.
2007-02-06 01:59:40
·
answer #3
·
answered by DanielleC 2
·
0⤊
0⤋
You can sue anyone you want, Im not an attorney, but you can usually coonsult with one for free
So get about three consultations prepare some good questioins, once this is done you should have a good aidea on what direction you could take. First thing to do is to file a police report.
2007-02-06 02:00:39
·
answer #4
·
answered by jigadee 4
·
0⤊
0⤋
um yep! accounts (bank, phone, internet, video store) have account holders and authorised representatives. if they gave your info to some one unauthorised (unless maybe its the police or something) then they have breached terms and conditions of your account. good luck, just dont make them use my money to pay you when you sue them!
2007-02-06 01:58:59
·
answer #5
·
answered by Anonymous
·
0⤊
0⤋