Aetna fined $1.15m for HIV privacy breach


Aetna fined $1.15m for HIV privacy breach

iStock/ Jamesbenet

Health insurer Aetna has been fined $1.15 million in penalties over the privacy breach of its New York members' HIV status.

New York's Attorney General Eric Schneiderman announced on January 23 a settlement with the insurer following claims that Aetna revealed the HIV status of approximately 2,460 New York members through a mailing in July 2017 in which the envelopes’ oversize transparent address window revealed text confirming the members’ HIV status.

“Through its own carelessness, Aetna blatantly violated its promise to safeguard members’ private health information,” said Schneiderman.

“Health insurance companies handle personal health information on a daily basis and have a fundamental responsibility to be vigilant in protecting their members. We won’t hesitate to act to ensure that insurance companies live up to their responsibilities to the New Yorkers they serve.”

As part of the settlement, Aetna will pay a $1.15 million civil penalty; develop and maintain enhanced operating procedures with regard to privacy protections of personal health information and personally identifiable information in mailings; and hire an independent consultant to monitor and report on the settlement’s injunctive provisions.

Aetna, HIV privacy, Eric Schneiderman, New York, US