UnityPoint Health patients are receiving notification of preliminary approval of a proposed class action settlement reached by UnityPoint Health in September related to two data breaches that exposed patients’ health records and personal data in 2018. UnityPoint Health in July 2018 had notified about 1.4 million patients that their records may have been breached when its business system was compromised by a phishing attack. The health system was also breached in April 2018 through a phishing attack on staff email accounts at its Madison, Wis., campus that potentially exposed the data of 16,000 patients, as reported by Healthcare IT News. The settlement class includes all the people whom UnityPoint had notified in 2018 that their personal information may have been exposed to unauthorized third parties as a result of cyberattacks. The proposed settlement offers one year of free credit monitoring, cash payments of up to $1,000 for out-of-pocket expenses related to identity theft or fraud, and up to $6,000 for documented extraordinary expenses. The U.S. District Court for the Western District of Wisconsin, where the suit was filed, will hold a final fairness hearing on the settlement on Feb. 19. More information about the settlement is available at uphsettlement.com.