Aetna mails it in

Sometimes an envelope and poorly thought out patient privacy procedures are all you need for a data breach, as Aetna discovered last summer. The insurance company was, no joke, sending out letters in response to a previous privacy violation, notifying patients who took the HIV preventative PrEP about changes to ordering the medication. So they put this information in an envelope with a nice, oversized window where you can see the patient’s name and a reference to HIV prescriptions. That’s a patient privacy nightmare for any condition, and it’s made worse due to the stigma still surrounding the virus.  Aetna agreed to pay $17M to the patients last Wednesday, which will presumably come in the form of checks with the memo “We’re sorry about telling everyone about your HIV status.”

Now don't be stingy. Share this.Share on Facebook
Share on Google+
Tweet about this on Twitter
Share on LinkedIn