Digest 5.30.2019 The State AG Report Weekly Update


New York Attorney General Settles With Fraternal Order Over Allegedly Misusing Charitable Funds

  • New York AG Letitia James reached a settlement with Oneonta Lodge No. 1312 Benevolent Protective Order of Elks, Inc. (“Oneonta Elks”) to resolve allegations that it misused charitable funds in violation of state laws governing charities.
  • According to the AG’s office, Oneonta Elks allegedly misused funds from a benefactor by using them to pay for capital improvements to its lodge and property and general operating expenses, instead of using the funds for the purpose directed in the benefactor’s will of helping children, people with disabilities, and the elderly.
  • According to the AG’s office, under the terms of the settlement, Oneonta Elks must turn over all remaining funds to the New York State Elks Association Major Projects Corporation, Inc. for administration and repay $169,162 to the benefactor’s trust.

Consumer Protection

Bipartisan Coalition of 47 Attorneys General Urge Congress to Allow State and Territorial Enforcement Against Online Platforms that Permit Illegal Activity

  • The National Association of Attorneys General (“NAAG”) sent a letter, signed by a bipartisan coalition of 47 AGs, to congressional leaders proposing an amendment to the Communications Decency Act of 1996 (“CDA”) that would allow state and territorial authorities to enforce criminal laws against companies that facilitate and profit from illegal online activity.
  • In the letter, the AGs argue that current precedent interpreting the CDA precludes states and territories from enforcing their criminal laws against companies that provide platforms that facilitate criminal activities online—such as black market opioid sales, identity theft, and foreign intrusion—and promote an online environment that allows for these activities to remain profitable.
  • The AGs urge Congress to amend the CDA to remove restrictions on state and territorial criminal enforcement.

California Attorney General Obtains Judgments Against Telemarketers Over Allegedly Offering Deceptive Investment Recovery Services

  • California AG Xavier Becerra obtained judgments against telemarketing company The Davitt Corporation d/b/a Consumer Rights Legal Services and related individuals (collectively, “CRLS”) over allegations that they offered deceptive investment recovery services in violation of the state’s telephonic sales, false advertising, and unfair competition laws.
  • According to the AG’s office, CRLS allegedly made deceptive sales pitches via telephone for investment loss recovery services in exchange for up-front fees when CRLS, in fact, recovered nothing for consumers.
  • Under the terms of the default judgment against the company and final judgments against the related individuals, CRLS must pay $930,800 in penalties and $567,774 in restitution, and the AG’s office will recover almost $25,000 in additional restitution pursuant to a bond issued to CRLS under the state telephonic sales laws, among other things.

Colorado Enacts Bill Amending Consumer Protection Act

  • Colorado AG Phil Weiser joined Governor Jared Polis as he signed legislation that amended the Colorado Consumer Protection Act (“CCPA”) to further deter unfair business practices.
  • The new law, HB 19-1289, amended the CCPA’s existing requirement to demonstrate that a defendant had specific intent to commit a deceptive business practice to only require that the defendant’s act recklessly harmed consumers, added a “catch-all” provision to capture practices beyond the specific practices defined as fraudulent, and increased the maximum penalty for a violation of the CCPA from $2,000 to $20,000 per violation and from $10,000 to $50,000 per violation committed against an elderly person.
  • As previously reported, AG Weiser testified before the Colorado House Judiciary Committee in support of this bill in April 2019.

Data Privacy & Security

16 Attorneys General Settle With Electronic Health Records Company Over Alleged Data Breach

  • 16 AGs, led by Indiana AG Curtis Hill, reached a settlement with web-based electronic health records company Medical Informatics Engineering Inc. d/b/a Enterprise Health, LLC, K&L Holdings, and NoMoreClipboard, LLC (collectively, “MIE”) to resolve allegations that it failed to adequately protect patients’ electronic personal health information (“ePHI”) or respond to unauthorized access to its systems in violation of the federal Health Insurance Portability and Accountability Act (“HIPAA”) and state consumer protection, personal information protection, and data breach notification laws.
  • According to the complaint, MIE allegedly failed to implement industry-accepted data security measures or remedy vulnerabilities in its systems identified during testing, allowing hackers to breach its network and gain access to 3.9 million patients’ ePHI in May 2015, and failed to comply with HIPAA requirements imposed on third-party providers with access to health care providers’ ePHI files, among other things.
  • Under the terms of the consent judgment and order, MIE must pay $900,000 to the AGs’ offices, implement an information security program, require multi-factor authentication to access portals that contain ePHI, implement a Security Incident and Event Monitoring solution to detect and respond to attacks, ensure that system activity is logged and analyzed in close to real time, educate clients on strong password policies, and train employees on information security policies, among other things.
  • As previously reported, 12 AGs filed the lawsuit against MIE in December 2018.

Vermont Attorney General Settles With Software Supplier Over Alleged Failure to Secure Municipal Employees’ Information

  • Vermont AG T.J. Donovan reached a settlement with software supplier New England Municipal Resource Center, Ltd. (“NEMRC”) to resolve allegations that it failed to secure municipal employees’ information in violation of the state Consumer Protection Act.
  • According to the assurance of discontinuance (“AOD”), NEMRC allegedly failed to use appropriate encryption in storing municipal employees’ personally identifiable information (“PII”), maintained software on a cloud server that lacked basic data security features like antivirus software or endpoint security, failed to log attempts to access the server, and failed to engage in formal security audits or security-focused software reviews, among other things.
  • Under the terms of the AOD, NEMRC must pay $30,000 in civil penalties, implement an information security program with certain specifications, and train employees on information security risks, among other things.

Labor & Employment

Massachusetts Attorney General Settles With Energy Company Over Alleged Wage and Hour Violations

  • Massachusetts AG Maura Healey reached a settlement with retail energy company Eversource Energy Service Company, Inc. (“Eversource”) to resolve allegations that it failed to make timely and full payments to its employees in violation of state wage and hour laws.
  • According to the AG’s office, Eversource allegedly paid its employees incorrect rates for hourly, overtime, Sunday, nighttime, and emergency work and failed to program its payroll system to reflect differing rates, causing errors in processing hour and pay rates.
  • According to the AG’s office, during the course of the investigation Eversource paid $828,000 in restitution to employees, and under the terms of the settlement will pay $250,000 in penalties to the AG’s office.


Oklahoma Attorney General Settles With Another Opioid Manufacturer

  • Oklahoma AG Mike Hunter announced a settlement with opioid manufacturer Teva Pharmaceuticals USA, Inc. and its subsidiaries Cephalon, Inc., Watson Laboratories, Inc., Actavis, LLC, and Actavis Pharma, Inc. f/k/a Watson Pharma, Inc. (collectively, “Teva”) to resolve allegations that it engaged in deceptive marketing and misrepresented the risks of prescription opioid use in violation of the state’s Medicaid False Claims Act, Medicaid Program Integrity Act, Consumer Protection Act, and the common law.
  • According to the complaint filed against 13 manufacturers, Teva allegedly used deceptive promotional campaigns to convince healthcare providers to prescribe opioids and minimized the risks and overstated the benefits of long-term use of prescription opioids to treat chronic pain, causing submission of false or fraudulent claims for payment or approval from Medicaid.
  • According to the AG’s office, under the terms of the settlement agreement that is not yet finalized, Teva will pay $85 million in abatement to the state.
  • As previously reported, AG Hunter reached a similar settlement with Purdue Pharma L.P., Purdue Pharma, Inc., and The Purdue Frederick Company to resolve allegations raised in the same complaint in March 2019.
  • AG Hunter is currently in trial against Johnson & Johnson and its subsidiary, Janssen Pharmaceuticals, Inc., over allegations raised in the same complaint.

State AGs in the News

Oklahoma Enacts Bill Requiring Attorney General Settlement Funds Be Paid Directly to State Treasury

  • Oklahoma has enacted a law, Enrolled H.B. 2751, that requires any settlement funds from lawsuits in which the AG represents the interests of the state to be paid directly to the state treasury so that state legislators can decide how the funds are spent.
  • The legislation was enacted after Oklahoma AG Mike Hunter reached a settlement with opioid manufacturers Purdue Pharma L.P., Purdue Pharma, Inc., and The Purdue Frederick Company (collectively, “Purdue Pharma”) in March 2019 that required Purdue Pharma to pay $200 million to establish an endowment at the Oklahoma State University Center for Health Sciences Center for Wellness and Recovery, among other things, as previously reported.

State v. Federal

Bipartisan Coalition of 52 Attorneys General Urge U.S. Department of Education to Discharge Student Loans for Disabled Veterans

  • The National Association of Attorneys General (“NAAG”) sent a letter, signed by a bipartisan coalition of 52 AGs, to the U.S. Department of Education (“ED”) urging it to automatically discharge the student loans of veterans who are eligible for total and permanent disability (“TPD”) discharge.
  • In the letter, the AGs argue that the Higher Education Act does not require eligible veterans to affirmatively apply for TPD discharges in order to receive loan forgiveness and provides ED with automatic discharge authority, which would eliminate unnecessary paperwork processing by ED and ensure all eligible veterans receive a TPD discharge.
  • The AGs urge ED to develop an automatic discharge process for veterans who are eligible for TPD discharge with opt-out rights, halt collection efforts against these veterans, and clear their credit reports of negative reporting related to their student loans.