Insurance giant accidentally leaked HIV status of thousands of patients
An insurance giant is facing legal action after sending thousands of mailouts accidentally disclosing people’s HIV statuses.
Aetna, a US-based health care insurance company, is facing legal action over letters sent to around 12,000 customers living with HIV.
The letters, which contained new instructions for filling prescriptions, were sent to customers taking medication for HIV treatment, as well as those taking HIV-preventing Pre-exposure Prophylaxis (PrEP) drugs.
In a shocking lapse, information about the HIV status of the patients was printed to be clearly visible through the plastic window of the envelopes, below the address.
HIV campaigners say the lapse has left many people “devastated” as their HIV status was unlawfully disclosed.
Attorneys said that individuals who contacted them reported that the Aetna letters were seen by family members, roommates and even neighbours who picked up the letters.
Patients in Arizona, California, Georgia, Illinois, New Jersey, New York, Ohio, Pennsylvania, and Washington, D.C are pursuing action against the company.
Sally Friedman, Legal Director of the Legal Action Center in New York City, and Ronda B. Goldfein, Executive Director of the AIDS Law Project of Pennsylvania, are coordinating the efforts of attorneys with eight organizations in pursuing the issue.
Friedman said: “Aetna’s privacy violation devastated people whose neighbors and family learned their intimate health information. They also were shocked that their health insurer would utterly disregard their privacy rights.”
Goldfein said the lapse “creates a tangible risk of violence, discrimination and other trauma”.
In a letter to Aetna, the attorneys warned: “By sending this mail, Aetna has violated the Health Insurance Portability and Accountability Act (HIPAA), 45 C.F.R. Parts 160 and 164, as well as numerous state statutory and common laws governing confidentiality of health information.
“These privacy violations have caused incalculable harm to Aetna beneficiaries. A number of the individuals who contacted the above-referenced organizations reported
that family members and neighbors learned their confidential information regarding their use of HIV medications as a result of Aetna’s breach.
“Many of them have already filed complaints with administrative agencies, such as the Office of Civil Rights of the U.S. Department of Health and Human
Services and state insurance regulators.
“We demand that Aetna immediately cease and desist from sending any mail that reveals beneficiaries’ medications or other protected health information to anyone other than the individual who opens the envelope.
“We also are seeking verification of the corrective measures that Aetna has taken to ensure that Aetna never engages in this type of privacy breach again.”
In a statement, Aetna said: “We sincerely apologize to those affected by a mailing issue that inadvertently exposed the personal health information of some Aetna members.
“This type of mistake is unacceptable, and we are undertaking a full review of our processes to ensure something like this never happens again.”
In the UK, a sexual health clinic was hit with a massive fine last year after accidentally leaking a list of HIV-positive patients on an email chain.