Skip Navigation

CVS Reaches Settlement on Texas Disposal Violation

Bookmark and Share

CVS is one company that could definitely use the NAID Compliance Toolkit since the Texas AG has forced them to take most of the steps included in it.

Last year, the Attorney General filed a charges because thousands of CVS's business records containing sensitive personal customer information were found in a trash dumpster behind a store in Liberty, Texas.


The State of Texas has now reached a settlement of those claims against CVS Pharmacy, Inc. Texas Attorney General Greg Abbott announced on March 26th that under an agreed final judgment, CVS will pay the state $315,000 and will overhaul its information security program.

The complaint asserted that CVS's conduct violated the legal requirement to destroy such information prior to its disposal.

Besides paying the fine, CVS must also implement a training program for its Texas employees regarding proper disposal of information. Additionally, it must appoint an officer of the company to oversee compliance with the company’s written policies and procedures.

Click here to read the settlement.

Click here to review the Texas AG release.