Whistleblower Receives $499K for Alleging Cybersecurity Failings in COVID Contact Tracing

Cybersecurity Whistleblower

On May 1, the U.S. Department of Justice (DOJ) announced that Insight Global LLC, a company hired by the Pennsylvania Department of Health to provide staffing for COVID-19 contact tracing, agreed to pay $2.7 million to resolve allegations that it violated the False Claims Act (FCA) by failing to institute adequate cybersecurity measures.

The case stems from a qui tam lawsuit filed against Insight Global by Terralyn Williams Seilkop, a former staff member who worked on contact tracing initiative. Under the FCA’s qui tam provisions, whistleblowers may file suits on behalf of the federal government if they know that an individual or company is defrauding the government.

In successful qui tam suits, whistleblowers are eligible to receive between 15-30% of the settlement. In this case, Seilkop will receive $499,500.

According to the DOJ, Insight Global understood that the personal health information of contact tracing subjects needed to be secure but it failed to do so. “For example, certain personal health information and/or personally identifiable information of contact tracing subjects was transmitted in the body of unencrypted emails, staff used shared passwords to access such information, and such information was stored and transmitted using Google files that were not password protected and were potentially accessible to the public via internet links,” the DOJ alleges.

“The resolution announced today reflects our continuing commitment to ensure that government contractors fulfill their cybersecurity obligations,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s Civil Division. “Failure to do so can compromise sensitive information of individuals and the government. The Justice Department will hold accountable those contractors who knowingly fail to satisfy cybersecurity requirements.”

The settlement is the latest under the DOJ’s Civil Cyber-Fraud Initiative which was launched in 2021. The Initiative is aimed at cybersecurity related fraud by government contractors and grant recipients.

On July 25, a bipartisan group of senators introduced the False Claims Amendments Act of 2023, which address a few technical loopholes undermining the success of the FCA. The bill is widely supported by whistleblower advocates.

“The False Claims Act is America’s number one fraud-fighting law,” said whistleblower attorney Stephen M. Kohn. “These amendments are urgently needed to ensure that whistleblowers can continue to play their key role in protecting taxpayers from corporate criminals.”

Kohn sees the passage of the False Claims Amendments Act as one of the seven most urgently needed whistleblower reformsNational Whistleblower Center (NWC), where Kohn serves as Chairman of the Board, has issued an Action Alert calling on Congress to pass the bill.

Join NWC in Taking Action:

Demand that Congress strengthen the False Claims Act

Further Reading:

Staffing Company to Pay $2.7M for Alleged Failure to Provide Adequate Cybersecurity for COVID-19 Contact Tracing Data

Bipartisan Legislation Unveiled to Strengthen False Claims Act

More False Claims Act Whistleblower News

Exit mobile version