Health insurance provider Aetna is under fire for the accidental exposure of their clients' HIV status. Legal remedies are already in place as thousands of Aetna clients from various states complained about the privacy breach.
Aetna Mailer Envelopes
On July 28, about 12,000 clients of Aetna received a mailer that revealed more than the recipient's name and address. The envelopes had larger-than-usual windows, which exposed certain private medical information about their clients.
For instance, a mailer sent to a client in Brooklyn also revealed the beginning of the company's letter, evidently advising the client on HIV prescriptions. Similarly, others received mailers regarding Pre-exposure Prophylaxis for HIV, a regimen that acts kind of like an HIV vaccine. As a result, the clients whose private medical information was exposed immediately made their complaints known.
Aetna clients from Washington DC, California, Arizona, Illinois, New York, New Jersey, Ohio, Georgia, and Pennsylvania made their complaints to the Legal Action Center in New York, Legal Services NYC, Lambda Legal, Whitman-Walker Health, the AIDS Law Project of Pennsylvania, and few other legal firms.
On behalf of the Aetna clients, Legal Action Center New York and AIDS Law Project of Pennsylvania sent a cease and desist letter to Aetna, demanding the company to immediately stop sending mail exposing client's private medical information as well as to take serious corrective measures to ensure that such events will not happen again.
Aetna states that 12,000 clients probably received the mailer, but they remain unsure of exactly how many people were affected.
"This type of mistake is unacceptable, and we are undertaking a full review of our processes to ensure something like this never happens again," stated Aetna in a statement.
What Are The Implications Of This Privacy Breach?
First of all, and it is clearly written in the cease and desist letter, by exposing clients' medical information, Aetna has violated the Health Insurance Portability and Accountability Act (HIPAA) as well as other laws regarding health information confidentiality.
Under the HIPAA, health insurance companies such as Aetna are required to honor their clients' health information. Because of the large windows that exposed certain sensitive health information, some of their clients were devastated after neighbors, roommates, and family members learned of their condition through the privacy breach.
"Aetna's privacy violation devastated people whose neighbors and family learned their intimate health information. They also were shocked that their health insurer would utterly disregard their privacy rights," said Sally Friedman of the Legal Action Center in New York.
The exposure of the clients' HIV status is considered as more than a violation of the law, as it created risks of violence, trauma, and discrimination.